Weaknesses of type CWE-200
3,958 resultsCVE-2021-25392MEDIUMImproper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1 allows local attackers to get sensitive infoEPSS 0.1%CVE-2025-8305MEDIUMInformation Disclosure in Identity Agent Debug FilesEPSS 0.1%CVE-2026-0025HIGHIn hasImage of Notification.java, there is a possible way to reveal information across users due to a permissions bypass. This could lead toEPSS 0.1%CVE-2025-48635HIGHIn multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. ThiEPSS 0.1%CVE-2025-8304MEDIUMInformation Disclosure in Identity Agent Registry KeysEPSS 0.1%CVE-2022-38688MEDIUMIn telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privEPSS 0.1%CVE-2022-33686LOWExposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.EPSS 0.1%CVE-2026-33448MEDIUMFormat string vulnerability in MacOS clients prior to 14.50EPSS 0.1%CVE-2025-58278MEDIUMIdentity authentication bypass vulnerability in the Gallery app. Successful exploitation of this vulnerability may affect service confidentiEPSS 0.1%CVE-2024-58252MEDIUMVulnerability of insufficient information protection in the media library module
Impact: Successful exploitation of this vulnerability may aEPSS 0.1%CVE-2026-20730LOWBIG-IP Edge Client for Windows vulnerabilityEPSS 0.1%CVE-2022-33698LOWExposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log.EPSS 0.1%CVE-2022-33693LOWExposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log.EPSS 0.1%CVE-2024-56193MEDIUMThere is a possible disclosure of Bluetooth adapter details due to a permissions bypass. This could lead to local information disclosure witEPSS 0.1%CVE-2022-33700LOWExposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via lEPSS 0.1%CVE-2022-33699LOWExposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via lEPSS 0.1%CVE-2022-33687LOWExposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows local attackers to access IMSI via log.EPSS 0.1%CVE-2018-9379MEDIUMIn multiple functions of MiniThumbFile.java, there is a possible way to view the thumbnails of deleted photos due to a confused deputy. ThisEPSS 0.1%CVE-2024-45447MEDIUMAccess control vulnerability in the camera framework module
Impact: Successful exploitation of this vulnerability may affect service confideEPSS 0.1%CVE-2022-24001LOWInformation disclosure vulnerability in Edge Panel prior to Android S(12) allows physical attackers to access screenshot in clipboard via EdEPSS 0.1%