Weaknesses of type CWE-200

3,910 results
CVE-2024-39925MEDIUMAn issue was discovered in Vaultwarden (formerly Bitwarden_RS) 1.30.3. It lacks an offboarding process for members who leave an organizationEPSS 0.6%CVE-2023-27863MEDIUMIBM Spectrum Protect Plus Server information disclosureEPSS 0.6%CVE-2024-42486MEDIUMCilium vulnerable to information leakage via incorrect ReferenceGrant update logic in Gateway APIEPSS 0.6%CVE-2024-4021MEDIUMKeenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Configuration Setting ndmComponents.js information disclosureEPSS 0.6%CVE-2023-46315The zanllp sd-webui-infinite-image-browsing (aka Infinite Image Browsing) extension before 977815a for stable-diffusion-webui (aka Stable DiEPSS 0.6%CVE-2025-7654HIGHMultiple Plugins By FunnelKit <= (Various Versions) - Authenticated (Contributor+) Sensitive Information Exposure to Privilege Escalation via Woofunnel LibraryEPSS 0.6%CVE-2024-24548HIGHPayment EX Ver1.1.5b and earlier allows a remote unauthenticated attacker to obtain the information of the user who purchases merchandise usEPSS 0.6%CVE-2026-40498HIGHFreeScout has Authentication Bypass and Information Disclosure in SystemController via /system/cronEPSS 0.6%CVE-2024-27947MEDIUMA vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems could allow log messages to be forwardEPSS 0.6%CVE-2022-23488MEDIUMBigBlueButton vulnerable to Insertion of Sensitive Information Into Sent DataEPSS 0.6%CVE-2023-4139HIGHWP Ultimate CSV Importer <= 7.9.8 - Sensitive Information Exposure via Directory ListingEPSS 0.6%CVE-2024-29036MEDIUMSaleor Storefront session leak in cacheEPSS 0.6%CVE-2024-27296MEDIUMDirectus version number disclosureEPSS 0.6%CVE-2026-47633HIGHMicrosoft Cost Management Information Disclosure VulnerabilityEPSS 0.6%CVE-2025-8226MEDIUMyanyutao0402 ChanCMS find information disclosureEPSS 0.6%CVE-2023-22611HIGHA CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure when specEPSS 0.6%CVE-2025-14286MEDIUMTenda AC9 Configuration File DownloadCfg.jpg information disclosureEPSS 0.6%CVE-2024-13567HIGHAwesome Support – WordPress HelpDesk & Support Plugin <= 6.3.1 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.6%CVE-2025-30675MEDIUMApache CloudStack: Unauthorised template/ISO list access to the domain/resource adminsEPSS 0.6%CVE-2023-0614HIGHThe fix in 4.6.16, 4.7.9, 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacEPSS 0.6%