CVEs classified under CWE-313, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2026-52783 — CVSS 8.2 (high): OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, OpenProject's Storages module writes the…
CVE-2026-24349 — CVSS 7.1 (high): A vulnerability has been identified in SIMATIC WinCC Unified PC Runtime V16 (All versions), SIMATIC WinCC Unified PC Runtime V17 (All…
CVE-2025-4397 — CVSS 6.8 (medium): Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these…
CVE-2025-64305 — CVSS 6.5 (medium): MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An…
CVE-2025-36154 — CVSS 6.2 (medium): IBM Concert 1.0.0 through 2.1.0 stores sensitive information in cleartext during recursive docker builds which could be obtained by a local…
CVE-2024-30406 — CVSS 5.5 (medium): A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active…
CVE-2019-19291 — CVSS 5.3 (medium): A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), SiNVR/SiVMS Video Server (All versions <…
CVE-2024-49762 — CVSS 4.6 (medium): Pterodactyl is a free, open-source game server management panel. When a user disables two-factor authentication via the Panel, a `DELETE`…
CVE-2023-0114 — CVSS 3.3 (low): A vulnerability was found in Netis Netcore Router. It has been rated as problematic. Affected by this issue is some unknown functionality…