Weaknesses of type CWE-200
3,890 resultsCVE-2016-9590MEDIUMpuppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation oEPSS 1.2%CVE-2024-6633CRITICALInsecure Default in FileCatalyst Workflow 5.1.6 Build 139 (and earlier)EPSS 1.2%CVE-2018-11727MEDIUMThe libfsntfs_attribute_read_from_mft function in libfsntfs_attribute.c in libfsntfs through 2018-04-20 allows remote attackers to cause an EPSS 1.2%CVE-2018-11728MEDIUMThe libfsntfs_reparse_point_values_read_data function in libfsntfs_reparse_point_values.c in libfsntfs through 2018-04-20 allows remote attaEPSS 1.2%CVE-2023-28271MEDIUMWindows Kernel Memory Information Disclosure VulnerabilityEPSS 1.2%CVE-2021-22135—Elasticsearch versions before 7.11.2 and 6.8.15 contain a document disclosure flaw was found in the Elasticsearch suggester and profile API EPSS 1.2%CVE-2024-9821HIGHBot for Telegram on WooCommerce <= 1.2.7 - Authenticated (Subscriber+) Telegram Bot Token Disclosure to Authentication BypassEPSS 1.2%CVE-2024-1098MEDIUMRebuild proxy-download QiniuCloud.getStorageFile information disclosureEPSS 1.2%CVE-2019-13557—In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an information exposure vulnerability which may allow a remote attacker tEPSS 1.2%CVE-2024-30472HIGHTelemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with loEPSS 1.2%CVE-2007-3650MEDIUMmyWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via (1) an invalid year parameter to calendar.php, reached EPSS 1.2%CVE-2025-34130HIGHLILIN DVR Arbitrary File Read via net_html.cgiEPSS 1.1%CVE-2021-32707MEDIUMBypass of image blocking in Nextcloud MailEPSS 1.1%CVE-2022-22680MEDIUMExposure of sensitive information to an unauthorized actor vulnerability in Web Server in Synology DiskStation Manager (DSM) before 7.0.1-42EPSS 1.1%CVE-2021-24585—Timetable and Event Schedule by MotoPress < 2.4.0 - Arbitrary User's Hashed Password/Email/Username DisclosureEPSS 1.1%CVE-2019-11282MEDIUMUAA is vulnerable to a Blind SCIM injection leading to information disclosureEPSS 1.1%CVE-2017-2654LOWjenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dyEPSS 1.1%CVE-2024-21147HIGHVulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: HotspotEPSS 1.1%CVE-2021-32712MEDIUMInformation leakage in Error HandlerEPSS 1.1%CVE-2019-5465—An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature which could result in disclosEPSS 1.1%