CWE-219

5 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-219page 1 of 1

CVE-2022-21236HIGHCVSS 7.5EG 7.5
2022-01-28
An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send an HT…
CVE-2022-36306MEDIUMCVSS 6.5EG 6.5
2022-08-16
An authenticated attacker can enumerate and download sensitive files, including the eNodeB's web management UI's TLS private key, the web server binary, and the web server configuration file. These vulnerabilities were found in AirVelocity…
CVE-2023-39467MEDIUMCVSS 5.3EG 5.3
2024-05-03
Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Auth…
CVE-2024-39776HIGHCVSS 7.5EG 7.5
2024-08-22
Avtec Outpost stores sensitive information in an insecure location without proper access controls in place.
CVE-2024-56159MEDIUMCVSS 5.3EG 5.3
2024-12-19
Astro is a web framework for content-driven websites. A bug in the build process allows any unauthenticated user to read parts of the server source code. During build, along with client assets such as css and font files, the sourcemap file…

Map vulnerabilities like CWE-219 to your infrastructure

EchelonGraph correlates every CVE — across CWE-219 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →