Fallos del tipo CWE-200

3920 resultados
CVE-2025-34072CRITICALAnthropic Slack MCP Server Data Exfiltration via Link UnfurlingEPSS 0.4%CVE-2025-22138MEDIUMPrivate categories allow suggested edits to be viewed via the queue in @codidact/qpixelEPSS 0.4%CVE-2020-1698MEDIUMA flaw was found in keycloak in versions before 9.0.0. A logged exception in the HttpMethod class may leak the password given as parameter. EPSS 0.4%CVE-2024-39919LOWCapture screenshot of localhost web services (unauthenticated pages) in @jmondi/url-to-pngEPSS 0.4%CVE-2025-23203MEDIUMIcinga has rest API endpoints accessible to restricted usersEPSS 0.4%CVE-2026-29787MEDIUMmcp-memory-service: System Information Disclosure via Health EndpointEPSS 0.4%CVE-2024-22032HIGHRancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpecEPSS 0.4%CVE-2025-12276MEDIUMLearnHouse Image information disclosureEPSS 0.4%CVE-2025-11670MEDIUMNTLM Hash Exposure VulnerabilityEPSS 0.4%CVE-2026-21626CRITICALExtension - stackideas.com - Information disclosure in post custom fields in EasyDiscuss 1.0.0-5.0.15 for JoomlaEPSS 0.4%CVE-2024-40554HIGHAn access control issue in Tmall_demo v2024.07.03 allows attackers to obtain sensitive information.EPSS 0.4%CVE-2024-8913MEDIUMThe Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.11 - Authenticated (Contributor+) Sensitive Information Exposure via content_templateEPSS 0.4%CVE-2025-10607MEDIUMPortabilis i-Educar diarioApi information disclosureEPSS 0.4%CVE-2024-11741MEDIUMGrafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected EPSS 0.4%CVE-2024-8902MEDIUMElementor Addon Elements <= 1.13.8 - Authenticated (Contributor+) Sensitive Information Exposure via table_saved_sectionsEPSS 0.4%CVE-2025-59260MEDIUMMicrosoft Failover Cluster Virtual Driver Information Disclosure VulnerabilityEPSS 0.4%CVE-2026-35452MEDIUMWWBN AVideo has Unauthenticated Information Disclosure via Missing Auth on CloneSite client.log.phpEPSS 0.4%CVE-2024-1952LOWMattermost version 8.1.x before 8.1.9 fails to sanitize data associated with permalinks when a plugin updates an ephemeral post, allowing anEPSS 0.4%CVE-2026-1170MEDIUMbirkir prime GraphQL API graphql information disclosureEPSS 0.4%CVE-2024-11351MEDIUMRestrict – membership, site, content and user access restrictions for WordPress <= 2.2.8 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.4%