Fallos del tipo CWE-200

3933 resultados
CVE-2026-44408MEDIUMUnauthorized access vulnerability in ZTE MU5250EPSS 0.3%CVE-2026-47176MEDIUMQuest Bot: Logging module can disclose private-channel message contents to a lower-visibility log channelEPSS 0.3%CVE-2026-53725MEDIUMParse Server: Endpoints `/login` and `/verifyPassword` disclose MFA secrets and protected fields when `_User` get is deniedEPSS 0.3%CVE-2026-7626MEDIUMSlek Gateway for WooCommerce <= 1.0 - Unauthenticated Insufficiently Protected Credentials via Payment Redirect Form Hidden FieldsEPSS 0.3%CVE-2026-28675MEDIUMOpenSift: Sensitive implementation details exposed via raw exception messages and token-returning endpointsEPSS 0.3%CVE-2025-24281MEDIUMThis issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive usEPSS 0.3%CVE-2026-47177MEDIUMQuest Bot: Ticket transcripts can disclose private ticket contents to a lower-visibility channelEPSS 0.3%CVE-2023-2820MEDIUMAn information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be uEPSS 0.3%CVE-2026-40908MEDIUMWWBN AVideo has an Unauthenticated Information Disclosure via git.json.php that Exposes Developer Emails and Deployed VersionEPSS 0.3%CVE-2025-20377MEDIUMCisco Unified Intelligence Center API Information Disclosure VulnerabilityEPSS 0.3%CVE-2026-2747MEDIUMPGP Mixed Plaintext and Encrypted ContentEPSS 0.3%CVE-2025-12148MEDIUMUnauthorized access to fields protected by Field Masking (FM) for fields of type IPEPSS 0.3%CVE-2026-6826MEDIUMConcrete 9.5.0 and below has file usage disclosure via missing permission check in Usage controllerEPSS 0.3%CVE-2026-34273MEDIUMVulnerability in Oracle GoldenGate (component: Libraries). Supported versions that are affected are 23.4-23.10. Easily exploitable vulnerabEPSS 0.3%CVE-2024-42208LOWHCL Connections is vulnerable to an information disclosure vulnerabilityEPSS 0.3%CVE-2025-12147MEDIUMUnauthorized access to fields protected by Field-Level Security (FLS) when those fields are members of an objectEPSS 0.3%CVE-2026-2803HIGHInformation disclosure, mitigation bypass in the Settings UI componentEPSS 0.3%CVE-2022-27575LOWInformation exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app inforEPSS 0.2%CVE-2025-12039MEDIUMBigBuy Dropshipping Connector for WooCommerce <= 2.0.5 - Unauthenticated IP Spoofing to phpinfo() ExposureEPSS 0.2%CVE-2025-11794MEDIUMPassword hash and MFA secret returned in user email verification endpointEPSS 0.2%