Weaknesses of type CWE-200
3,955 resultsCVE-2025-22607MEDIUMCoolify Vulnerable to GitHub / GitLab OAuth Secrets LeakEPSS 0.2%CVE-2024-2728MEDIUMInformation exposure vulnerability in the CIGESv2 systemEPSS 0.2%CVE-2026-49288MEDIUMStatamic CMS missing authorization on Control Panel fieldtype endpoints allows disclosure of restricted resourcesEPSS 0.2%CVE-2026-4202LOWBroken Access Control in extension "Redirect Tab"EPSS 0.2%CVE-2026-46815LOWVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device). The supported version that is affecEPSS 0.2%CVE-2025-27707LOWExposure of sensitive information to an unauthorized actor for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM)EPSS 0.2%CVE-2026-46977LOWVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device). The supported version that is affecEPSS 0.2%CVE-2025-31976MEDIUMHCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentialsEPSS 0.2%CVE-2026-46816LOWVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: VMSVGA device). The supported version that is affecEPSS 0.2%CVE-2024-3182MEDIUMInstall-type password disclosure vulnerability in Universal Installer including the Silent Installer in TIBCO Hawk versions 6.2.0, 6.2.1, 6.EPSS 0.2%CVE-2025-31236MEDIUMAn information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able EPSS 0.2%CVE-2025-60892MEDIUMAn issue in Raspberry Pi Imager version 1.9.6 for Windows, affecting its OS customization feature. The imager's 'public-key authentication' EPSS 0.2%CVE-2026-44479MEDIUMVercel: Non-interactive mode includes CLI arguments in suggested command outputEPSS 0.2%CVE-2025-10285HIGHSimplcity Device Manager exposes NTLMv2 hashEPSS 0.2%CVE-2025-57837LOWTileservice module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentEPSS 0.2%CVE-2026-0818MEDIUMCSS-based exfiltration of the content from partially encrypted emails when allowing remote contentEPSS 0.2%CVE-2025-43473MEDIUMThis issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive useEPSS 0.2%CVE-2026-36618MEDIUMMercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 responds to version.bind CHAOS TXT queries, disclosing the DNS resolver software veEPSS 0.2%CVE-2025-31231MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to read sensitEPSS 0.2%CVE-2025-31256MEDIUMThe issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a usEPSS 0.2%