Skip to main content

CWE-223

Omission of Security-relevant Information

8 CVEs Avg CVSS 5.1 MITRE
0
CRITICAL
1
HIGH
6
MEDIUM
1
LOW
0
POC
0
KEV

Monthly

CVE-2026-31890 MEDIUM This Month

Silent event loss in Inspektor Gadget prior to 0.50.1 allows local attackers to cause denial of service by filling the 256KB ring-buffer, which triggers undetected data drops without alerting users or administrators. When the buffer becomes full, gadgets silently discard events and fail to report the loss count, potentially hiding critical system events from Kubernetes cluster and Linux host monitoring. A local attacker with limited privileges can exploit this to obscure malicious activity or system anomalies by saturating the instrumentation buffer.

Linux Kubernetes Denial Of Service Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2025-52926 Cargo LOW PATCH Monitor

A security vulnerability in scan.rs in spytrap-adb (CVSS 2.7). Remediation should follow standard vulnerability management procedures.

Information Disclosure Ubuntu Debian
NVD GitHub
CVSS 3.1
2.7
EPSS
0.0%
CVE-2024-52813 Cargo MEDIUM PATCH Monitor

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Suse
NVD GitHub
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-31191 HIGH This Week

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Dronescout Ds230 Firmware
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2023-29156 MEDIUM This Month

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required. No vendor patch available.

Code Injection Dronescout Ds230 Firmware
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2023-28360 MEDIUM This Month

An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171 when a user was saving a file there was no download safety check dialog presented to the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Brave
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2022-44646 MEDIUM This Month

In JetBrains TeamCity version before 2022.10, no audit items were added upon editing a user's settings. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2022-22563 MEDIUM This Month

Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
4.4
EPSS
0.2%
EPSS 0% CVSS 4.8
MEDIUM This Month

Silent event loss in Inspektor Gadget prior to 0.50.1 allows local attackers to cause denial of service by filling the 256KB ring-buffer, which triggers undetected data drops without alerting users or administrators. When the buffer becomes full, gadgets silently discard events and fail to report the loss count, potentially hiding critical system events from Kubernetes cluster and Linux host monitoring. A local attacker with limited privileges can exploit this to obscure malicious activity or system anomalies by saturating the instrumentation buffer.

Linux Kubernetes Denial Of Service +1
NVD GitHub VulDB
EPSS 0% CVSS 2.7
LOW PATCH Monitor

A security vulnerability in scan.rs in spytrap-adb (CVSS 2.7). Remediation should follow standard vulnerability management procedures.

Information Disclosure Ubuntu Debian
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH Monitor

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Suse
NVD GitHub
EPSS 0% CVSS 8.1
HIGH This Week

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Code Injection Dronescout Ds230 Firmware
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an information loss vulnerability through traffic injection. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required. No vendor patch available.

Code Injection Dronescout Ds230 Firmware
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171 when a user was saving a file there was no download safety check dialog presented to the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Brave
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

In JetBrains TeamCity version before 2022.10, no audit items were added upon editing a user's settings. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy