Weaknesses of type CWE-200
3,880 resultsCVE-2021-24227—Patreon WordPress < 1.7.0 - Unauthenticated Local File DisclosureEPSS 5.9%CVE-2021-25118—Yoast SEO 16.7-17.2 - Unauthenticated Full Path DisclosureEPSS 5.8%CVE-2019-13511—Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier contain an INFORMATION EXPOSURE CWE-200. A maliciously crafted AEPSS 5.8%CVE-2024-54188MEDIUMInfoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access.EPSS 5.8%CVE-2022-1815MEDIUMExposure of Sensitive Information to an Unauthorized Actor in jgraph/drawioEPSS 5.7%CVE-2018-15962MEDIUMAdobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a directory listing vulnerEPSS 5.5%CVE-2019-14892HIGHA flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserializationEPSS 5.4%CVE-2021-24226—AccessAlly < 3.5.7 - $_SERVER Superglobal LeakageEPSS 5.4%CVE-2023-42820HIGHRandom seed leakage in JumpserverEPSS 5.4%CVE-2025-53694HIGHInformation Disclosure in ItemServices APIEPSS 5.3%CVE-2021-3773—A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditionalEPSS 5.3%CVE-2022-30184MEDIUM.NET and Visual Studio Information Disclosure VulnerabilityEPSS 5.3%CVE-2024-1208MEDIUMLearnDash LMS <= 4.10.2 - Sensitive Information Exposure via APIEPSS 5.3%CVE-2023-4714MEDIUMPlayTube Redirect information disclosureEPSS 5.2%CVE-2018-10915HIGHA vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between coEPSS 5.2%CVE-2026-20805MEDIUMDesktop Window Manager Information Disclosure VulnerabilityEPSS 5.0%KEVCVE-2022-29901MEDIUMArbitrary Memory Disclosure through CPU Side-Channel Attacks (Retbleed)EPSS 4.9%CVE-2026-6770MEDIUMOther issue in the Storage: IndexedDB componentEPSS 4.9%CVE-2021-22925MEDIUMcurl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=conEPSS 4.9%CVE-2017-5262—In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, the SNMP read-only (RO) community string has access to sensitive informEPSS 4.9%