CWE-199(Information Management Errors)描述一種在漏洞資料庫與安全評估中使用的弱點類型;定義、背景與對應 CVE 見下方各節。
Weaknesses in this category are related to improper handling of sensitive information.
下列 CVE 在本庫中對應到該弱點,並保留以便追溯與檢索。
| CVE | 公開時間 | 摘要 |
|---|---|---|
| CVE-2025-58304 | 2025-11-27 | Permission control vulnerability in the file management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| CVE-2024-51522 | 2024-11-05 | Vulnerability of improper device information processing in the device management module Impact: Successful exploitation of this vulnerability may affect availability. |
| CVE-2016-10841 | 2019-08-01 | The bin/mkvhostspasswd script in cPanel before 11.54.0.4 discloses password hashes (SEC-73). |
| CVE-2016-5405 | 2017-06-08 | 389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux HPC Node 6 through 7, Red Hat Enterprise Linux Server 6 through 7, and Red Hat Enterprise Linux Workstati… |
| CVE-2016-5486 | 2016-10-25 | Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun Systems Products Suite AK 2013 allows local users to affect confidentiality via vectors related to Core Serv… |
| CVE-2015-8346 | 2016-04-12 | app/views/timelog/_form.html.erb in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote attackers to obtain sensitive information about subjects of issues by viewing the tim… |
| CVE-2014-1595 | 2014-12-11 | Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, whi… |
| CVE-2014-1591 | 2014-12-11 | Mozilla Firefox 33.0 and SeaMonkey before 2.31 include path strings in CSP violation reports, which allows remote attackers to obtain sensitive information via a web site that receives a report after … |
| 日期 | 名稱 | 版本 | 重要性 | 評論 |
|---|---|---|---|---|
| 2008-09-08 | CWE Content Team | 1.0 | — | updated Relationships |
| 2009-07-27 | CWE Content Team | 1.5 | — | updated Relationships |
| 2017-11-08 | CWE Content Team | 3.0 | — | updated Applicable_Platforms |
| 2020-02-24 | CWE Content Team | 4.0 | — | updated Relationships |
| 2023-04-27 | CWE Content Team | 4.11 | — | updated Mapping_Notes, Relationships |
| 2023-06-29 | CWE Content Team | 4.12 | — | updated Mapping_Notes |