Fallos del tipo CWE-200
3936 resultadosCVE-2022-27575LOWInformation exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app inforEPSS 0.2%CVE-2025-30435MEDIUMThis issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.4. A sandboxed app may beEPSS 0.2%CVE-2025-12039MEDIUMBigBuy Dropshipping Connector for WooCommerce <= 2.0.5 - Unauthenticated IP Spoofing to phpinfo() ExposureEPSS 0.2%CVE-2025-12098MEDIUMAcademy LMS Pro <= 3.3.8 - Unauthenticated Sensitive Information Exposure via 'enqueue_social_login_script'EPSS 0.2%CVE-2025-12521MEDIUMAnalytify Pro <= 7.0.3 - Unauthenticated Information ExposureEPSS 0.2%CVE-2025-11794MEDIUMPassword hash and MFA secret returned in user email verification endpointEPSS 0.2%CVE-2025-6425MEDIUMThe WebCompat WebExtension shipped with Firefox exposed a persistent UUIDEPSS 0.2%CVE-2026-45080MEDIUMKlaw: Improper Access Control Allows Disclosure of Password HashEPSS 0.2%CVE-2024-44139LOWThe issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to aEPSS 0.2%CVE-2025-26711MEDIUMThere is an unauthorized access vulnerability in ZTE T5400. Due to improper permission control of the Web module interface, an unauthorized EPSS 0.2%CVE-2026-48210MEDIUMPossible information disclosure via External InterfaceEPSS 0.2%CVE-2023-29114MEDIUMUnauthorized System Log Disclosure in Enel X JuiceBoxEPSS 0.2%CVE-2025-24226MEDIUMThe issue was addressed with improved checks. This issue is fixed in Xcode 16.3. A malicious app may be able to access private information.EPSS 0.2%CVE-2023-5718MEDIUMThe Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via the standard `postMessage()` API. By creatiEPSS 0.2%CVE-2021-22276MEDIUMfree@home System Access Point FW integrity check can be bypassed.EPSS 0.2%CVE-2026-54396MEDIUMMISP AuthKey edit endpoint allows authenticated user email enumerationEPSS 0.2%CVE-2026-9912MEDIUMInappropriate implementation in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensEPSS 0.2%CVE-2026-5266LOWExposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo.
This vulnerability is associated wiEPSS 0.2%CVE-2022-32825MEDIUMThe issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tEPSS 0.2%CVE-2025-24282MEDIUMA library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to modifEPSS 0.2%