By weakness (CWE)
CWE-538: related vulnerabilities
CVEs classified under CWE-538. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
2 published vulnerabilities
- CVE-2026-10254MEDIUM 5.3
SourceCodester Pet Grooming Management Software version 1.0 contains a vulnerability that exposes file and directory information to unauthenticated remote attackers. An unknown function in the /admin/ path fails to properly restrict access to sensitive filesystem metadata, allowing adversaries to enumerate files and directories without authentication. While this does not permit direct modification or service disruption, the information disclosure can serve as reconnaissance for subsequent targeted attacks. Public exploit code is available.
- CVE-2019-25717MEDIUM 4.3
Dräger's Infinity Delta, Delta XL, and Kappa patient monitors expose sensitive log files to unauthenticated attackers on the local network. An attacker with network access can retrieve device internals, location data, and network configuration without needing credentials. This is a network-adjacent threat that discloses operational details but does not enable direct device compromise or manipulation.