Fallos del tipo CWE-200

3924 resultados
CVE-2024-43237MEDIUMWordPress Tag Groups plugin <= 2.0.3 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2025-0525LOWIn affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target file. This could EPSS 0.3%CVE-2026-40965CRITICALCloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. The server contains a vulnerability where EC EPSS 0.3%CVE-2024-43801MEDIUMPrivilege escalation to admin from a low-privileged user via SVG upload in JellyfinEPSS 0.3%CVE-2026-21940HIGHVulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: User and User Group). The supported version that is affecEPSS 0.3%CVE-2021-27908MEDIUMIn all versions prior to Mautic 3.3.2, secret parameters such as database credentials could be exposed publicly by an authorized admin user EPSS 0.3%CVE-2024-35682MEDIUMWordPress Otter Blocks PRO plugin <= 2.6.11 - Authenticated Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2025-25195MEDIUMZulip events can leak private channel namesEPSS 0.3%CVE-2025-32789LOWEspoCRM Allows Potential Disclosure of Sensitive Information in the User Sorting FunctionEPSS 0.3%CVE-2025-30352MEDIUMDirectus `search` query parameter allows enumeration of non permitted fieldsEPSS 0.3%CVE-2025-25333HIGHAn issue in IKEA CN iOS 4.13.0 allows attackers to access sensitive user information via supplying a crafted link.EPSS 0.3%CVE-2024-39807LOWChannel IDs of archived/restored channels leaked via webhook eventsEPSS 0.3%CVE-2026-30846HIGHWekan Exposes All Global Webhook Integrations through globalwebhooks PublicationEPSS 0.3%CVE-2025-22956CRITICALOPSI before 4.3 allows any client to retrieve any ProductPropertyState, including those of other clients. This can lead to privilege escalatEPSS 0.3%CVE-2024-10084MEDIUMContact Form 7 – Dynamic Text Extension <= 4.5 - Information Disclosure via ShortcodeEPSS 0.3%CVE-2026-32266LOWGoogle Cloud Storage for Craft CMS has an Information Disclosure VulnerabilityEPSS 0.3%CVE-2025-12558MEDIUMBeaver Builder – WordPress Page Builder <= 2.9.4 - Authenticated (Contributor+) Sensitive Information ExposureEPSS 0.3%CVE-2024-34754MEDIUMWordPress Contact Form Widget plugin <= 1.3.9 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2026-7382MEDIUMInformation Disclosure in MeWare Software's PDKSEPSS 0.3%CVE-2021-43937HIGHElcomplus SmartPTT SCADA Server Cross-site Request ForgeryEPSS 0.3%