CWE-16(Configuration)は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。
Weaknesses in this category are typically introduced during the configuration of the software.
これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。
| CVE | 公開 | 概要 |
|---|---|---|
| CVE-2026-4433 | 2026-03-24 | An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially … |
| CVE-2025-12221 | 2025-10-25 | Busybox 1.31.1 - Multiple Known Vulnerabilities.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. |
| CVE-2025-20151 | 2025-05-07 | A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker… |
| CVE-2024-46909 | 2024-12-02 | In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leverage this vulnerability to execute code in the context of the service account. |
| CVE-2018-11922 | 2024-11-26 | Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user. |
| CVE-2024-47294 | 2024-09-27 | Access permission verification vulnerability in the input method framework module Impact: Successful exploitation of this vulnerability may affect availability. |
| CVE-2024-47291 | 2024-09-27 | Permission vulnerability in the ActivityManagerService (AMS) module Impact: Successful exploitation of this vulnerability may affect availability. |
| CVE-2024-42031 | 2024-08-08 | Access permission verification vulnerability in the Settings module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2024-32991 | 2024-05-14 | Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability will affect availability. |
| CVE-2023-52719 | 2024-05-14 | Privilege escalation vulnerability in the PMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2023-33105 | 2024-03-04 | Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number. |
| CVE-2023-33076 | 2024-02-06 | Memory corruption in Core when updating rollback version for TA and OTA feature is enabled. |
| CVE-2023-43088 | 2023-12-22 | Dell Client BIOS contains a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to exec… |
| CVE-2023-39385 | 2023-08-13 | Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause unauthorized access. |
| CVE-2023-39392 | 2023-08-13 | Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this vulnerability may cause OsuLogin to be maliciously modified and overwritten. |
| CVE-2022-33233 | 2023-02-11 | Memory corruption due to configuration weakness in modem wile sending command to write protected files. |
| CVE-2022-43516 | 2022-12-05 | A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI) |
| CVE-2022-28762 | 2022-10-14 | Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. When camera mode rendering context is enabled as par… |
| CVE-2022-36423 | 2022-09-09 | OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to … |
| CVE-2022-37397 | 2022-08-12 | An issue was discovered in the YugabyteDB 2.6.1 when using LDAP-based authentication in YCQL with Microsoft’s Active Directory. When anonymous or unauthenticated LDAP binding is enabled, it allows byp… |
| 日付 | 名称 | バージョン | 重要度 | コメント |
|---|---|---|---|---|
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Relationships |
| 2010-02-16 | CWE Content Team | 1.8 | — | updated Taxonomy_Mappings |
| 2013-07-17 | CWE Content Team | 2.5 | — | updated Relationships |
| 2014-07-30 | CWE Content Team | 2.8 | — | updated Detection_Factors |
| 2015-12-07 | CWE Content Team | 2.9 | — | updated Relationships |
| 2017-01-19 | CWE Content Team | 2.10 | — | updated Maintenance_Notes, Relationships |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated Detection_Factors |
| 2018-03-27 | CWE Content Team | 3.1 | — | updated Relationships |
| 2019-06-20 | CWE Content Team | 3.3 | — | updated Relationships |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated Maintenance_Notes, Relationships |
| 2021-10-28 | CWE Content Team | 4.6 | — | updated Relationships |
| 2022-10-13 | CWE Content Team | 4.9 | — | updated Maintenance_Notes, References |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |
| 2025-12-11 | CWE Content Team | 4.19 | — | updated Relationships |
| 2026-04-30 | CWE Content Team | 4.20 | — | updated Mapping_Notes |