CVEs classified under CWE-212, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (50)
CVE-2022-2818 — CVSS 9.8 (critical): Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository cockpit-hq/cockpit prior to 2.2.2.
CVE-2020-11684 — CVSS 9.1 (critical): AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less…
CVE-2026-39937: Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki - CentralAuth…
CVE-2022-30617 — CVSS 8.8 (high): An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens…
CVE-2022-0355 — CVSS 8.8 (high): Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1.
CVE-2021-0340 — CVSS 8.8 (high): In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. This…
CVE-2019-13402 — CVSS 8.8 (high): /usr/sbin/default.sh and /usr/apache/htdocs/cgi-bin/admin/hardfactorydefault.cgi on Dynacolor FCM-MB40 v1.2.0.0 devices implement an…
CVE-2022-39393 — CVSS 8.6 (high): Wasmtime is a standalone runtime for WebAssembly. Prior to versions 2.0.2 and 1.0.2, there is a bug in Wasmtime's implementation of its…
CVE-2025-65965: Grype is a vulnerability scanner for container images and filesystems. A credential disclosure vulnerability was found in Grype, affecting…
CVE-2022-31112 — CVSS 8.2 (high): Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In affected versions parse Server…
CVE-2022-4734 — CVSS 8.1 (high): Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-1650 — CVSS 8.1 (high): Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2.
CVE-2019-11243 — CVSS 8.1 (high): In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of the provided config, with credentials…
CVE-2024-43384 — CVSS 8.0 (high): A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.
CVE-2020-15094 — CVSS 8.0 (high): In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache…
CVE-2026-43824 — CVSS 7.7 (high): In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data.
CVE-2022-31090 — CVSS 7.7 (high): Guzzle, an extensible PHP HTTP client. `Authorization` headers on requests are sensitive information. In affected versions when using our…
CVE-2026-42186 — CVSS 7.5 (high): OpenBao is an open source identity-based secrets management system. Prior to 2.5.3, when OpenBao's initial namespace deletion fails…
CVE-2026-27640 — CVSS 7.5 (high): tfplan2md is software for converting Terraform plan JSON files into human-readable Markdown reports. Prior to version 1.26.1, a bug in…
CVE-2025-68131 — CVSS 7.5 (high): cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) serialization format. Starting in version 3.0.0…
CVE-2024-8474 — CVSS 7.5 (high): OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log…
CVE-2024-49997 — CVSS 7.5 (high): In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix memory disclosure When applying…
CVE-2023-52376 — CVSS 7.5 (high): Information management vulnerability in the Gallery module.Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2022-3460 — CVSS 7.5 (high): In affected versions of Octopus Deploy it is possible for certain types of sensitive variables to inadvertently become unmasked when viewed…
CVE-2022-31162 — CVSS 7.5 (high): Slack Morphism is an async client library for Rust. Prior to 0.41.0, it was possible for Slack OAuth client information to leak in…
CVE-2021-46813 — CVSS 7.5 (high): Vulnerability of residual files not being deleted after an update in the ChinaDRM module. Successful exploitation of this vulnerability may…
CVE-2022-31043 — CVSS 7.5 (high): Guzzle is an open source PHP HTTP client. In affected versions `Authorization` headers on requests are sensitive information. On making a…
CVE-2022-31042 — CVSS 7.5 (high): Guzzle is an open source PHP HTTP client. In affected versions the `Cookie` headers on requests are sensitive information. On making a…
CVE-2022-30618 — CVSS 7.5 (high): An authenticated user with access to the Strapi admin panel can view private and sensitive data, such as email and password reset tokens…
CVE-2022-24798 — CVSS 7.5 (high): Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. IRRd did not always filter…
CVE-2020-36476 — CVSS 7.5 (high): An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext…
CVE-2021-31780 — CVSS 7.5 (high): In app/Model/MispObject.php in MISP 2.4.141, an incorrect sharing group association could lead to information disclosure on an event edit…
CVE-2019-20637 — CVSS 7.5 (high): An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a…
CVE-2020-1940 — CVSS 7.5 (high): The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a…
CVE-2002-0704 — CVSS 7.5 (high): The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error…
CVE-2022-23633 — CVSS 7.4 (high): Action Pack is a framework for handling and responding to web requests. Under certain circumstances response bodies will not be closed. In…
CVE-2026-46657 — CVSS 7.1 (high): Bludit is a content management system. Versions prior to 3.22.0 have a vulnerability in the user management logic that allows deactivated…
CVE-2022-33740 — CVSS 7.1 (high): Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities…
CVE-2026-54421 — CVSS 6.8 (medium): In OpenStack Ironic before 37.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can…
CVE-2021-33080 — CVSS 6.8 (medium): Exposure of sensitive system information due to uncleared debug information in firmware for some Intel(R) SSD DC, Intel(R) Optane(TM) SSD…
CVE-2020-11198 — CVSS 6.7 (medium): Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset…
CVE-2026-43528 — CVSS 6.5 (medium): OpenClaw before 2026.4.14 contains a redaction bypass vulnerability that allows authenticated gateway clients to receive unredacted secrets…
CVE-2024-31493 — CVSS 6.5 (medium): An improper removal of sensitive information before storage or transfer vulnerability [CWE-212] in FortiSOAR version 7.3.0, version 7.2.2…
CVE-2022-29900 — CVSS 6.5 (medium): Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-depend…
CVE-2021-26341 — CVSS 6.5 (medium): Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
CVE-2022-25187 — CVSS 6.5 (medium): Jenkins Support Core Plugin 2.79 and earlier does not redact some sensitive information in the support bundle.
CVE-2020-14301 — CVSS 6.5 (medium): An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were…
CVE-2020-26965 — CVSS 6.5 (medium): Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the…
CVE-2019-19362 — CVSS 6.5 (medium): An issue was discovered in the Chat functionality of the TeamViewer desktop application 14.3.4730 on Windows. (The vendor states that it…
CVE-2025-33013 — CVSS 6.2 (medium): IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0, and…