Fallos del tipo CWE-200

3890 resultados
CVE-2021-22044In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level `@ReEPSS 1.1%CVE-2023-3705HIGHInformation Disclosure Vulnerability in CP-Plus Network Video RecorderEPSS 1.1%CVE-2021-4024A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spaEPSS 1.1%CVE-2023-1203Improper removal of sensitive data in the entry edit feature of Hub Business submodule in Devolutions Remote Desktop Manager PowerShell ModuEPSS 1.1%CVE-2022-24747MEDIUMHTTP caching is marking private HTTP headers as publicEPSS 1.1%CVE-2021-22770A CWE-200: Information Exposure vulnerability exists in Easergy T300 with firmware V2.7.1 and older that exposes sensitive information to anEPSS 1.1%CVE-2023-49068Apache DolphinScheduler: Information Leakage VulnerabilityEPSS 1.1%CVE-2018-16866MEDIUMAn out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attackerEPSS 1.1%CVE-2022-23952HIGHIn Keylime before 6.3.0, current keylime installer installs the keylime.conf file, which can contain sensitive data, as world-readable.EPSS 1.1%CVE-2023-29450HIGHUnauthorized limited filesystem access from preprocessingEPSS 1.1%CVE-2024-31869MEDIUMApache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config usedEPSS 1.0%CVE-2025-53781HIGHAzure Virtual Machines Information Disclosure VulnerabilityEPSS 1.0%CVE-2022-27863MEDIUMWordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.5.3 - Sensitive Data Exposure vulnerabilityEPSS 1.0%CVE-2023-39999MEDIUMWordPress < 6.3.2 is vulnerable to Broken Access ControlEPSS 1.0%CVE-2024-28849MEDIUMProxy-Authorization header kept across hosts in follow-redirectsEPSS 1.0%CVE-2025-55243HIGHMicrosoft OfficePlus Spoofing VulnerabilityEPSS 1.0%CVE-2021-4377MEDIUMDoneren met Mollie <= 2.8.4 - Information DisclosureEPSS 1.0%CVE-2024-26470HIGHA host header injection vulnerability in the forgot password function of FullStackHero's WebAPI Boilerplate v1.0.0 and v1.0.1 allows attackeEPSS 1.0%CVE-2020-11033MEDIUMAble to read any token through API user endpoint in GLPIEPSS 1.0%CVE-2017-20101LOWProjectSend information disclosureEPSS 1.0%