Fallos del tipo CWE-200
3916 resultadosCVE-2026-32890CRITICALAnchorr: Stored XSS in User Mapping dropdown allows unprivileged Discord users to exfiltrate all secrets via /api/configEPSS 0.4%CVE-2020-10750HIGHSensitive information written to a log file vulnerability was found in jaegertracing/jaeger before version 1.18.1 when the Kafka data store EPSS 0.4%CVE-2025-43988HIGHKuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi), allowing remote attackers to retrieve sensitiveEPSS 0.4%CVE-2024-6407CRITICALCWE-200: Information Exposure vulnerability exists that could cause disclosure of
credentials when a specially crafted message is sent to thEPSS 0.4%CVE-2025-0224MEDIUMProvision-ISR SH-4050A-2 server.js information disclosureEPSS 0.4%CVE-2025-59209MEDIUMWindows Push Notification Information Disclosure VulnerabilityEPSS 0.4%CVE-2023-38503MEDIUMDirectus has Incorrect Permission Checking for GraphQL SubscriptionsEPSS 0.4%CVE-2024-10312MEDIUMExclusive Addons for Elementor <= 2.7.4 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor TemplatesEPSS 0.4%CVE-2025-58445MEDIUMAtlantis Exposes Service Version Publicly on /status API EndpointEPSS 0.4%CVE-2024-13562HIGHImport WP – Export and Import CSV and XML files to WordPress <= 2.14.5 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.4%CVE-2024-41700HIGHBarix – CWE-200 Exposure of Sensitive Information to an Unauthorized ActorEPSS 0.4%CVE-2025-32703MEDIUMVisual Studio Information Disclosure VulnerabilityEPSS 0.4%CVE-2023-30611MEDIUMReaction metadata exposed in private topics in Discourse-reactionsEPSS 0.4%CVE-2026-39889HIGHPraisonAI has Unauthenticated SSE Event Stream Exposes All Agent Activity in A2U ServerEPSS 0.4%CVE-2025-34059HIGHDahua Smart Cloud Gateway Registration Management Platform SQL InjectionEPSS 0.4%CVE-2023-50894HIGHIn Janitza GridVis through 9.0.66, use of hard-coded credentials in the de.janitza.pasw.feature.impl.activators.PasswordEncryption password EPSS 0.4%CVE-2023-39974—Extension - acymailing.com - Exposure of Sensitive Information in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3EPSS 0.4%CVE-2024-6549MEDIUMAdmin Post Navigation <= 2.1 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2025-7919HIGHSimopro Technology|WinMatrix3 Web package - SQL InjectionEPSS 0.4%CVE-2022-48347—The MediaProvider module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect confidentiEPSS 0.4%