Fallos del tipo CWE-200

3932 resultados
CVE-2023-52147LOWWordPress All-In-One Security (AIOS) plugin <= 5.2.4 - Secret Login Page Location Disclosure on Multisites vulnerabilityEPSS 0.3%CVE-2025-13785MEDIUMyungifez Skuul School Management System Image profile information disclosureEPSS 0.3%CVE-2026-28492HIGHFile Browser: Path Traversal in Public Share Links Exposes Files Outside Shared DirectoryEPSS 0.3%CVE-2026-28922MEDIUMThis issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26EPSS 0.3%CVE-2025-5064MEDIUMInappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin EPSS 0.3%CVE-2025-59535MEDIUMDotNetNuke.Core allows loading of unused themes on anonymous clients through query parametersEPSS 0.3%CVE-2025-29489MEDIUMlibming v0.4.8 was discovered to contain a memory leak via the parseSWF_MORPHLINESTYLES function.EPSS 0.3%CVE-2025-29488MEDIUMlibming v0.4.8 was discovered to contain a memory leak via the parseSWF_INITACTION function.EPSS 0.3%CVE-2026-45300HIGHasync-http-client: Cookie header not stripped on cross-origin redirectEPSS 0.3%CVE-2025-29497MEDIUMlibming v0.4.8 was discovered to contain a memory leak via the parseSWF_MORPHFILLSTYLES function.EPSS 0.3%CVE-2026-36719HIGHAn information disclosure vulnerability in the /api/v1/user/info endpoint of AgentChat v2.3.0 allows unauthenticated attackers to obtain senEPSS 0.3%CVE-2025-49150MEDIUMCursor Agent Potentially Leaks Information using JSON schemaEPSS 0.3%CVE-2025-14980MEDIUMBetterDocs <= 4.3.3 - Authenticated (Contributor+) Sensitive Information ExposureEPSS 0.3%CVE-2024-13451MEDIUMContact Form by Bit Form <= 2.17.5 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2025-55265MEDIUMHCL Aftermarket DPC is affected by File DiscoveryEPSS 0.3%CVE-2022-42866MEDIUMThe issue was addressed with improved handling of caches. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, waEPSS 0.3%CVE-2023-41881LOWDeleting a collaboration should also delete linked resourcesEPSS 0.3%CVE-2025-15527MEDIUMWP Recipe Maker <= 10.2.2 - Insecure Direct Object Reference to Sensitive Information ExposureEPSS 0.3%CVE-2026-42564HIGHjotty·page: Unauthenticated Path Traversal leads to sensitive file disclosure and session-token reuse impactEPSS 0.3%CVE-2025-14574MEDIUMweDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot <= 2.1.15 - Unauthenticated Sensitive Information ExposureEPSS 0.3%