Fallos del tipo CWE-200

3920 resultados
CVE-2025-32986HIGHNETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper Authentication to an endpoint.EPSS 0.4%CVE-2025-45994HIGHAn issue in Aranda PassRecovery v1.0 allows attackers to enumerate valid user accounts in Active Directory via sending a crafted POST requesEPSS 0.4%CVE-2024-8756MEDIUMQuform - WordPress Form Builder <= 2.20.0 - Unauthenticated Sensitive Information ExposureEPSS 0.4%CVE-2024-11106MEDIUMSimple Restrict <= 1.2.7 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.4%CVE-2025-57430HIGHCreacast Creabox Manager 4.4.4 exposes sensitive configuration data via a publicly accessible endpoint /get. When accessed, this endpoint reEPSS 0.4%CVE-2023-33851MEDIUMIBM PowerVM Hypervisor information disclosureEPSS 0.4%CVE-2024-47915HIGHVaeMendis - CWE-200: Exposure of Sensitive Information to an Unauthorized ActorEPSS 0.4%CVE-2022-24886LOWExposure of Sensitive Information to an Unauthorized Actor in com.nextcloud.clientEPSS 0.4%CVE-2024-6545MEDIUMAdmin Trim Interface <= 3.5.1 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2024-6548MEDIUMAdd Admin JavaScript <= 2.0 - Unauthenticated Full Path DislcosureEPSS 0.4%CVE-2024-6566MEDIUMAramex Shipping WooCommerce <= 1.1.21 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2024-6571MEDIUMOptimize Images ALT Text (alt tag) & names for SEO using AI <= 3.1.1 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2024-6553MEDIUMWP Meteor Website Speed Optimization Addon <= 3.4.3 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2024-6559MEDIUMXCloner <= 4.7.3 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2025-54373HIGHOpenEMR may expose Contents of Clinical Notes and Care Planto users who do not have Sensitivities=high privilegeEPSS 0.4%CVE-2025-13371HIGHMoney Space <= 2.13.9 - Unauthenticated Sensitive Information ExposureEPSS 0.4%CVE-2024-38524MEDIUMGWC Home Page communicate version and revision informationEPSS 0.4%CVE-2026-34970MEDIUMMantisBT Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is RevokedEPSS 0.4%CVE-2022-45449HIGHSensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber PEPSS 0.4%CVE-2020-1698MEDIUMA flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. EPSS 0.4%