CVE Database

59+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS

59 results for "CWE-20"

CVE-2024-38431
5.3 MEDIUM

Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy

Jul 30, 2024
CVE-2024-6407
9.8 CRITICAL

CWE-200: Information Exposure vulnerability exists that could cause disclosure of credentials when a specially crafted message is sent to the device.

Jul 11, 2024
CVE-2024-5681
7.8 HIGH

CWE-20: Improper Input Validation vulnerability exists that could cause local denial-of-service, privilege escalation, and potentially kernel execution when a malicious actor with local user access …

Jul 11, 2024
CVE-2024-27784
8.8 HIGH

Multiple Exposure of sensitive information to an unauthorized actor weaknesses [CWE-200] vulnerability in Fortinet FortiAIOps 2.0.0 may allow an authenticated, remote attacker to retrieve sensitive …

Jul 9, 2024
CVE-2024-30300
9.8 CRITICAL

Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an Information Exposure vulnerability (CWE-200) that could lead to privilege escalation. An attacker …

Jun 13, 2024
CVE-2024-23107
5.5 MEDIUM

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiWeb version 7.4.0, version 7.2.4 and below, version 7.0.8 and below, 6.3 all …

Jun 3, 2024
CVE-2024-36390
7.5 HIGH

MileSight DeviceHub - CWE-20 Improper Input Validation may allow Denial of Service

Jun 2, 2024
CVE-2024-27769
8.8 HIGH

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor may allow Taking Ownership Over Devices

Mar 18, 2024
CVE-2023-44253
5.0 MEDIUM

An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiManager version 7.4.0 through 7.4.1 and before 7.2.5, FortiAnalyzer version 7.4.0 through …

Feb 15, 2024

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.