CWE-528

2 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →

CVEs classified under CWE-528page 1 of 1

CVE-2024-10403HIGHCVSS 7.5EG 7.5
2024-11-21
Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a can capture the SFTP/FTP server password used for a firmware download operation initiated by SANnav or through WebEM in a weblinker core …
CVE-2025-48928MEDIUMCVSS 4.0EG 9.0⚠ KEV
2025-05-28
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wil…

Map vulnerabilities like CWE-528 to your infrastructure

EchelonGraph correlates every CVE — across CWE-528 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.

Start Free Scan →