Weaknesses of type CWE-200
3,953 resultsCVE-2026-3636MEDIUMSanitize team member data returned by APIEPSS 0.2%CVE-2022-46646LOWExposure of sensitive information to an unauthorized actor for some Intel Unison software may allow an authenticated user to potentially enaEPSS 0.2%CVE-2022-36835LOWImplicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files.EPSS 0.2%CVE-2024-2371MEDIUMInformation exposure vulnerability in Korenix JetI/O 6550EPSS 0.2%CVE-2025-43509MEDIUMThis issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. EPSS 0.2%CVE-2019-3767HIGHDell ImageAssist versions prior to 8.7.15 contain an information disclosure vulnerability. Dell ImageAssist stores some sensitive encrypted EPSS 0.2%CVE-2022-20497MEDIUMIn updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreEPSS 0.2%CVE-2024-54550MEDIUMThis issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15EPSS 0.2%CVE-2024-45450MEDIUMPermission control vulnerability in the software update module.
Impact: Successful exploitation of this vulnerability may affect service conEPSS 0.2%CVE-2026-40159MEDIUMPraisonAI Exposes Sensitive Environment Variable via Untrusted MCP Subprocess ExecutionEPSS 0.2%CVE-2022-34355MEDIUMIBM Jazz Foundation information disclosureEPSS 0.2%CVE-2023-31413MEDIUMFilebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization hEPSS 0.2%CVE-2026-55188HIGHRustFS: ListRemoteTargetHandler authorization bypass leaks replication target credentialsEPSS 0.2%CVE-2023-28203MEDIUMThe issue was addressed with improved checks. This issue is fixed in Apple Music 4.2.0 for Android. An app may be able to access contacts.EPSS 0.2%CVE-2023-21435MEDIUMExposure of Sensitive Information vulnerability in Fingerprint TA prior to SMR Feb-2023 Release 1 allows attackers to access the memory addrEPSS 0.2%CVE-2025-30222LOWShescape has potential environment variable exposure on Windows with CMDEPSS 0.2%CVE-2026-12117MEDIUMImproper access control in the social login connection endpoint in
Devolutions Server 2026.2.5 allows an authenticated vault member to
enuEPSS 0.2%CVE-2026-2476HIGHMS Teams plugin sensitive config values not properly masked in support packetsEPSS 0.2%CVE-2022-31221LOWDell BIOS versions contain an Information Exposure vulnerability. A local authenticated administrator user could potentially exploit this vuEPSS 0.2%CVE-2025-8448LOWCWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive cEPSS 0.2%