Fallos del tipo CWE-200

3933 resultados
CVE-2026-3131MEDIUMImproper access control in multiple DVLS REST API endpoints in Devolutions Server 2025.3.14.0 and earlier allows an authenticated user witEPSS 0.3%CVE-2020-1987LOWGlobal Protect Agent: VPN cookie local information disclosureEPSS 0.3%CVE-2023-46741MEDIUMCubeFS leaks magic secret key when starting Blobstore access serviceEPSS 0.3%CVE-2023-0597MEDIUMA flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess lEPSS 0.3%CVE-2026-2696MEDIUMExport All URLs < 5.1 - Unauthenticated Sensitive Data ExposureEPSS 0.3%CVE-2026-23777MEDIUMDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release verEPSS 0.3%CVE-2025-30758MEDIUMVulnerability in the Siebel CRM End User product of Oracle Siebel CRM (component: User Interface). Supported versions that are affected areEPSS 0.3%CVE-2026-28434MEDIUMcpp-httplib's default exception handler leaks e.what() to clients via EXCEPTION_WHAT response headerEPSS 0.3%CVE-2024-9542MEDIUMSky Addons for Elementor <= 2.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Content Switcher Widget Elementor TemplateEPSS 0.3%CVE-2023-0248HIGHKantech Gen1 ioSmart card readerEPSS 0.3%CVE-2026-0717MEDIUMLottieFiles – Lottie block for Gutenberg <= 3.0.0 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2022-39210LOWAccess to internal files of the Nextcloud Android appEPSS 0.3%CVE-2025-65098HIGHTypebot Vulnerable to Credential Theft via Client-Side Script Execution and API Authorization BypassEPSS 0.3%CVE-2024-41736MEDIUMInformation Disclosure vulnerability in SAP Permit to WorkEPSS 0.3%CVE-2026-13810MEDIUMInappropriate implementation in Input in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensiEPSS 0.3%CVE-2026-14004MEDIUMInappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafteEPSS 0.3%CVE-2025-40662MEDIUMAbsolute path disclosure vulnerability in DM Corporative CMSEPSS 0.3%CVE-2026-42220MEDIUMnginx-ui: Authenticated settings disclosure exposes node.secret and enables trusted-node authentication abuse, backup exfiltration, and restore-based nginx-ui state rollbackEPSS 0.3%CVE-2022-0672A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally EPSS 0.3%CVE-2022-32540HIGHInformation Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30EPSS 0.3%