Weaknesses of type CWE-200
3,916 resultsCVE-2024-32046MEDIUMDetailed error discloses full file path with dev mode offEPSS 0.5%CVE-2024-13623MEDIUMOrder Export for WooCommerce <= 3.24 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.5%CVE-2022-46371MEDIUMAlotcer - AR7088H-A Information disclosureEPSS 0.4%CVE-2024-20445MEDIUMCisco IP Phone 7800, 8800, and 9800 Series Information Disclosure VulnerabilityEPSS 0.4%CVE-2025-10750MEDIUMPowerBI Embed Reports <= 1.2.0 - Unauthenticated Sensitive Information DisclosureEPSS 0.4%CVE-2021-36096MEDIUMSupport Bundle includes S/Mime and PGP secret or PINEPSS 0.4%CVE-2020-9846—A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be ablEPSS 0.4%CVE-2025-9398MEDIUMYiFang CMS Migrate.php exportInstallTable information disclosureEPSS 0.4%CVE-2026-8198MEDIUMActivity Logs, User Activity Tracking, Multisite Activity Log from Logtivity <= 3.3.6 - Unauthenticated Information Disclosure via REST APIEPSS 0.4%CVE-2023-41676MEDIUMAn exposure of sensitive information to an unauthorized actor [CWE-200] in FortiSIEM version 7.0.0 and before 6.7.5 may allow an attacker wEPSS 0.4%CVE-2022-2394MEDIUMSensitive Parameter Exposure in Puppet Bolt prior to 3.24EPSS 0.4%CVE-2024-6546MEDIUMOne Click Close Comments <= 2.7.1 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2025-9843MEDIUMDas Parking Management System 停车场管理系统 FindAll information disclosureEPSS 0.4%CVE-2022-41944LOWDiscourse users can see notifications for topics they no longer have access toEPSS 0.4%CVE-2025-56406HIGHAn issue was discovered in mcp-neo4j 0.3.0 allowing attackers to obtain sensitive information or execute arbitrary commands via the SSE servEPSS 0.4%CVE-2025-20345MEDIUMCisco Duo Authentication Proxy Information Disclosure VulnerabilityEPSS 0.4%CVE-2025-9842MEDIUMDas Parking Management System 停车场管理系统 Search information disclosureEPSS 0.4%CVE-2024-6567MEDIUMEbook Store <= 5.8001 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2025-30702MEDIUMVulnerability in the Fleet Patching and amp; Provisioning component of Oracle Database Server. Supported versions that are affected are 19.EPSS 0.4%CVE-2024-43289HIGHWordPress wpForo Forum plugin <= 2.3.4 - Unauthenticated Sensitive Data Exposure vulnerabilityEPSS 0.4%