CWE-199(Information Management Errors)は各種脆弱性データベースや評価で用いられる弱点タイプを説明します。定義・背景・対応する CVE は以下の各セクションを参照してください。
Weaknesses in this category are related to improper handling of sensitive information.
これらの CVE は本データベースでこの弱点に対応付けられており、追跡と検索のために保持されています。
| CVE | 公開 | 概要 |
|---|---|---|
| CVE-2025-58304 | 2025-11-28 | Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2024-51522 | 2024-11-05 | Vulnerability of improper device information processing in the device management module Impact: Successful exploitation of this vulnerability may affect availability. |
| CVE-2016-10841 | 2019-08-01 | The bin/mkvhostspasswd script in cPanel before 11.54.0.4 discloses password hashes (SEC-73). |
| CVE-2016-5405 | 2017-06-08 | 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstati… |
| CVE-2016-5486 | 2016-10-25 | Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality via vectors related to Core Serv… |
| CVE-2015-8346 | 2016-04-12 | app/views/timelog/_form.html.erb in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote attackers to obtain sensitive information about subjects of issues by viewing the tim… |
| CVE-2014-1595 | 2014-12-11 | Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, whi… |
| CVE-2014-1591 | 2014-12-11 | Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after … |
| 日付 | 名称 | バージョン | 重要度 | コメント |
|---|---|---|---|---|
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Relationships |
| 2009-07-27 | CWE Content Team | 1.5 | — | updated Relationships |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated Applicable_Platforms |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated Relationships |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Mapping_Notes, Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |