CVEs classified under CWE-213, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2023-6517 — CVSS 7.5 (high): Exposure of Sensitive Information Due to Incompatible Policies vulnerability in Mia Technology Inc. MİA-MED allows Collect Data as…
CVE-2022-30350 — CVSS 7.5 (high): Avanquest Software RAD PDF (PDFEscape Online) 3.19.2.2 is vulnerable to Information Leak / Disclosure. The PDFEscape Online tool provides…
CVE-2023-3441 — CVSS 6.6 (medium): An issue has been discovered in GitLab EE/CE affecting all versions starting from 8.0 before 16.4. The product did not sufficiently warn…
CVE-2026-6280 — CVSS 6.5 (medium): Exposure of sensitive information due to incompatible policies vulnerability in NOMYSOFT Informatics Education and Consulting Inc. Nomysem…
CVE-2025-54831 — CVSS 6.5 (medium): Apache Airflow 3 introduced a change to the handling of sensitive information in Connections. The intent was to restrict access to…
CVE-2024-7267 — CVSS 6.5 (medium): Exposure of Sensitive Information vulnerability in Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP allows…
CVE-2022-22541 — CVSS 6.5 (medium): SAP BusinessObjects Business Intelligence Platform - versions 420, 430, may allow legitimate users to access information they shouldn't see…
CVE-2025-24316 — CVSS 5.3 (medium): The Dario Health Internet-based server infrastructure is vulnerable due to exposure of development environment details, which could lead to…
CVE-2024-49354 — CVSS 5.3 (medium): IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls.
CVE-2023-40570 — CVSS 5.3 (medium): Datasette is an open source multi-tool for exploring and publishing data. This bug affects Datasette instances running a Datasette 1.0…
CVE-2023-36919 — CVSS 5.3 (medium): In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Referrer-Policy…
CVE-2025-4976 — CVSS 4.3 (medium): An issue has been discovered in GitLab EE affecting all versions from 17.0 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that…
CVE-2025-32791 — CVSS 4.3 (medium): The Backstage Scaffolder plugin houses types and utilities for building scaffolder-related modules. A vulnerability in the Backstage…
CVE-2024-44121 — CVSS 4.3 (medium): Under certain conditions Statutory Reports in SAP S/4 HANA allows an attacker with basic privileges to access information which would…
CVE-2024-49827 — CVSS 3.7 (low): IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing attackers to access sensitive information…
CVE-2023-5117 — CVSS 3.7 (low): An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on…
CVE-2025-52603 — CVSS 3.5 (low): HCL Connections is vulnerable to information disclosure. In a very specific user navigation scenario, this could allow a user to obtain…