Weaknesses of type CWE-200
3,938 resultsCVE-2025-6745MEDIUMWoodMart <= 8.2.5 - Unauthenticated Post DisclosureEPSS 0.3%CVE-2026-22001LOWVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected areEPSS 0.3%CVE-2026-56242HIGHCapgo - Unauthenticated API Key Validity Oracle and User Identity Disclosure via get_identity_apikey_only RPCEPSS 0.3%CVE-2026-41659LOWAdmidio: Hidden Profile Field Values Leaked via Blind Search Oracle in Member AssignmentEPSS 0.3%CVE-2022-27576LOWInformation exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app EPSS 0.3%CVE-2025-13758LOWExposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8.EPSS 0.3%CVE-2024-25011MEDIUMEricsson Catalog Manager and Ericsson Order Care - Exposure of Sensitive Information VulnerabilityEPSS 0.3%CVE-2020-13481MEDIUMCertain Lexmark products through 2020-05-25 allow XSS which allows an attacker to obtain session credentials and other sensitive informationEPSS 0.3%CVE-2025-11644LOWTomofun Furbo 360/Furbo Mini UART sensitive informationEPSS 0.3%CVE-2026-43885HIGHWWBN AVideo: Exposure of Sensitive Information to an Unauthorized Actor and Missing AuthorizationEPSS 0.3%CVE-2026-12408MEDIUMSlim SEO <= 4.9.8 - Authenticated (Contributor+) Insufficient Authorization to Private Content Disclosure via 'object.ID' ParameterEPSS 0.3%CVE-2025-30463MEDIUMThe issue was addressed with improved restriction of data container access. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 1EPSS 0.3%CVE-2021-20256—A flaw was found in Red Hat Satellite. The BMC interface exposes the password through the API to an authenticated local attacker with view_hEPSS 0.3%CVE-2025-13006MEDIUMSurveyFunnel – Survey Plugin for WordPress <= 1.1.5 - Unauthenticated Information ExposureEPSS 0.3%CVE-2025-12525MEDIUMLocker Content <= 1.0.0 - Unauthenticated Information ExposureEPSS 0.3%CVE-2021-32007LOWMissing security header: Referrer-Policy URLEPSS 0.3%CVE-2021-25332LOWImproper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscrEPSS 0.3%CVE-2021-25331LOWImproper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreEPSS 0.3%CVE-2024-23236MEDIUMA correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to read arbitrary filesEPSS 0.3%CVE-2021-25333LOWImproper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreEPSS 0.3%