Fallos del tipo CWE-200

3916 resultados
CVE-2026-7166CRITICALMultiple vulnerabilities in the Assassin game by GaudireEPSS 0.4%CVE-2023-39052An information leak in Earthgarden_waiting 13.6.1 allows attackers to obtain the channel access token and send crafted messages.EPSS 0.4%CVE-2025-49143MEDIUMNautobot may allows uploaded media files to be accessible without authenticationEPSS 0.4%CVE-2023-23499This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS EPSS 0.4%CVE-2026-58027MEDIUMQueryAbuseFilter API can be used to see the hit count of private filters, which is hidden in the UIEPSS 0.4%CVE-2021-46891Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affeEPSS 0.4%CVE-2024-21040MEDIUMVulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versioEPSS 0.4%CVE-2024-34991HIGHIn the module "Axepta" (axepta) before 1.3.4 from Quadra Informatique for PrestaShop, a guest can download partial credit card information (EPSS 0.4%CVE-2026-58024MEDIUMAPI identification of users on private wikisEPSS 0.4%CVE-2026-33761MEDIUMAVideo: Unauthenticated Access to Scheduler Plugin Endpoints Leaks Scheduled Tasks, Email Content, and User MappingsEPSS 0.4%CVE-2018-16883LOWsssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parEPSS 0.4%CVE-2026-58026NONE$wgNonincludableNamespaces can be bypassed by embedding redirect in other namespacesEPSS 0.4%CVE-2023-37232HIGHLoftware Spectrum through 4.6 exposes Sensitive Information (Logs) to an Unauthorized Actor.EPSS 0.4%CVE-2026-42047HIGHInngest TypeScript SDK exposes environment variables via serve() handler on unhandled HTTP methodsEPSS 0.4%CVE-2023-42666MEDIUMExposure of Sensitive Information to an Unauthorized Actor in DEXMA DEXGateEPSS 0.4%CVE-2025-41230HIGHVMware Cloud Foundation Information Disclosure VulnerabilityEPSS 0.4%CVE-2015-8553MEDIUMXen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and IEPSS 0.4%CVE-2024-40633MEDIUMCustomer data leak via adjustments API endpoint in SyliusEPSS 0.4%CVE-2023-47799HIGHMahara before 22.10.4 and 23.x before 23.04.4 allows information disclosure if the experimental HTML bulk export is used via the administratEPSS 0.4%CVE-2025-22961HIGHA critical information disclosure vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters due EPSS 0.4%