Weaknesses of type CWE-200
3,880 resultsCVE-2023-40278HIGHAn issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsEPSS 3.0%CVE-2026-22240CRITICALPlaintext Passwords Vulnerability in BLUVOYIXEPSS 3.0%CVE-2025-43538LOWA logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, mEPSS 3.0%CVE-2025-55976HIGHIntelbras IWR 3000N 1.9.8 exposes the Wi-Fi password in plaintext via the /api/wireless endpoint. Any unauthenticated user on the local netwEPSS 3.0%CVE-2026-32625CRITICALLibreChat Exfiltrates Server Secrets via MCP Server URL InjectionEPSS 2.9%CVE-2022-2462MEDIUMTransposh WordPress Translation <= 1.0.9.6 - Sensitive Information DisclosureEPSS 2.9%CVE-2017-12216—A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write EPSS 2.9%CVE-2017-16607—This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. AuthEPSS 2.9%CVE-2026-32315MEDIUMmotionEye: World-Readable Configuration File Exposes Admin Password HashEPSS 2.9%CVE-2024-3656HIGHKeycloak: unguarded admin rest api endpoints allows low privilege users to use administrative functionalitiesEPSS 2.8%CVE-2022-21296MEDIUMVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that EPSS 2.8%CVE-2022-27775HIGHAn information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connectEPSS 2.8%CVE-2023-32681MEDIUMUnintended leak of Proxy-Authorization header in requestsEPSS 2.8%CVE-2011-0737MEDIUMAdobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to obtain sensitive information via an id=- query to a .cfm file, which reveEPSS 2.8%CVE-2019-6572—A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor PaneEPSS 2.7%CVE-2020-15086CRITICALPotential Remote Code Execution in TYPO3 with mediace extensionEPSS 2.7%CVE-2024-31816HIGHIn TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without authorization through the function getEasyWizEPSS 2.7%CVE-2021-28544—Apache Subversion SVN authz protected copyfrom paths regressionEPSS 2.7%CVE-2018-0288—A vulnerability in Cisco WebEx Recording Format (WRF) Player could allow an unauthenticated, remote attacker to access sensitive data about EPSS 2.7%CVE-2017-6647—A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to accesEPSS 2.7%