CWE-779 is a common weakness enumeration in software security. This database tracks 11 CVE vulnerabilities classified under this weakness type.

How many CVEs are classified as CWE-779?

There are 11 CVE vulnerabilities classified as CWE-779 with an average CVSS score of 6.1454545454545.

What is the severity distribution for CWE-779?

CWE-779 contains 1 critical, 2 high, 8 medium, and 0 low severity vulnerabilities.

CWE-779

Total CVEs

Vulnerabilities

Avg CVSS v3

6.1

Medium

Avg CVSS v2

2.8

Low

Latest CVE

2024

Most Recent

Severity Distribution

Critical 1

9.1%

High 2

18.2%

Medium 8

72.7%

Low 0

External References

MITRE CWE

Official CWE definition

NIST NVD

Search CVEs by CWE

All CVEs (11)

Page 1 of 1

CVE-2024-36072

CRITICAL

CVSS:9.8(Critical)

Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote code execution vulnerability in the logging component of the Endpoint Protector and Unify server appli...

CWE-7792024

CVE-2024-36416

HIGH

CVSS:7.5(High)

SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by...

CWE-7792024

CVE-2022-31004

HIGH

CVSS:7.5(High)

CVEProject/cve-services is an open source project used to operate the CVE services API. A conditional in 'data.js' has potential for production secrets to be written to disk. The affected method write...

CWE-7792022

CVE-2024-1141

MEDIUM

CVSS:5.5(Medium)

A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level is enabled.

CWE-7792024

CVE-2022-39874

MEDIUM

CVSS:5.5(Medium)

Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.

CWE-7792022

CVE-2022-22291

MEDIUM

CVSS:5.5(Medium)

Logging of excessive data vulnerability in telephony prior to SMR Feb-2022 Release 1 allows privileged attackers to get Cell Location Information through log of user device.

CWE-7792022

CVE-2021-25423

MEDIUM

CVSS:5.5(Medium)

Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone via log.

CWE-7792021

CVE-2021-25422

MEDIUM

CVSS:5.5(Medium)

Improper log management vulnerability in Watch Active PlugIn prior to version 2.2.07.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.

CWE-7792021

CVE-2021-25421

MEDIUM

CVSS:5.5(Medium)

Improper log management vulnerability in Galaxy Watch3 PlugIn prior to version 2.2.09.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.

CWE-7792021

CVE-2021-25420

MEDIUM

CVSS:5.5(Medium)

Improper log management vulnerability in Galaxy Watch PlugIn prior to version 2.2.05.21033151 allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone within log.

CWE-7792021

CVE-2022-25779

MEDIUM

CVSS:4.3(Medium)

Logging of Excessive Data vulnerability in audit log of Secomea GateManager allows logged in user to write text entries in audit log. This issue affects: Secomea GateManager versions prior to 9.7.

CWE-7792022