Fallos del tipo CWE-200

3933 resultados
CVE-2025-53092MEDIUMStrapi core vulnerable to sensitive data exposure via CORS misconfigurationEPSS 0.3%CVE-2025-24283MEDIUMA logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.EPSS 0.3%CVE-2025-12770MEDIUMNew User Approve <= 3.0.9 - Unauthenticated Sensitive Information Disclosure via Type JugglingEPSS 0.3%CVE-2026-34318MEDIUMVulnerability in the MySQL Shell product of Oracle MySQL (component: Shell: Core Client). Supported versions that are affected are 8.0.0-8.EPSS 0.3%CVE-2025-24089MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app may be able to enumeEPSS 0.3%CVE-2021-3798A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObjEPSS 0.3%CVE-2022-0987A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a localEPSS 0.3%CVE-2023-36476HIGH`calamares-nixos-extensions` LUKS keyfile exposureEPSS 0.3%CVE-2024-34711CRITICALGeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)EPSS 0.3%CVE-2025-12681MEDIUMComment Edit Core – Simple Comment Editing <= 3.1.0 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2025-65017HIGHDecidim's private data exports can lead to data leaksEPSS 0.3%CVE-2025-12545MEDIUMPixel Manager for WooCommerce – Track Conversions and Analytics, Google Ads, TikTok and more <= 1.49.2 - Unauthenticated Information ExposureEPSS 0.3%CVE-2026-46912CRITICALVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime Security). Supported versions thatEPSS 0.3%CVE-2026-37454HIGHInsecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via EPSS 0.3%CVE-2025-24217MEDIUMThis issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15EPSS 0.3%CVE-2024-46894MEDIUMA vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate autEPSS 0.3%CVE-2026-33745HIGHcpp-httplib Client Leaks Authentication Credentials to Untrusted Hosts on Cross-Origin HTTP RedirectEPSS 0.3%CVE-2026-34984HIGHExternal Secrets Operator has DNS exfiltration via getHostByName in its v2 template engineEPSS 0.3%CVE-2025-24174HIGHThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app mEPSS 0.3%CVE-2025-61750MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Supported versions that are affecteEPSS 0.3%