Fallos del tipo CWE-200

3909 resultados
CVE-2024-28236HIGHInsecure Variable Substitution in VelaEPSS 0.7%CVE-2022-32219MEDIUMAn information disclosure vulnerability exists in Rocket.Chat <v4.7.5 which allowed the "users.list" REST endpoint gets a query parameter frEPSS 0.7%CVE-2026-26273CRITICALKnown affected by Account Takeover via Password Reset Token LeakageEPSS 0.7%CVE-2024-29197MEDIUMPimcore Preview Documents are not restricted to logged in users anymoreEPSS 0.7%CVE-2022-32740LOWInformation disclosure in the External InterfaceEPSS 0.7%CVE-2024-31207MEDIUMVite's `server.fs.deny` did not deny requests for patterns with directoriesEPSS 0.7%CVE-2024-27769HIGHUnitronics Unistream Unilogic – Versions prior to 1.35.227 CWE-200: Exposure of Sensitive Information to an Unauthorized ActorEPSS 0.7%CVE-2026-23486MEDIUMBlinko: Unauthorized User Information LeakEPSS 0.7%CVE-2025-26864HIGHApache IoTDB: Exposure of Sensitive Information in IoTDB OpenID AuthenticationEPSS 0.7%CVE-2023-28762CRITICALInformation Disclosure in SAP BusinessObjects Intelligence PlatformEPSS 0.7%CVE-2021-22527MEDIUMInformation leakage vulnerability in NetIQ Access Manager versions prior to version 4.5.4 and 5.0.1EPSS 0.7%CVE-2025-26795HIGHApache IoTDB JDBC driver: Exposure of Sensitive Information in IoTDB JDBC driverEPSS 0.7%CVE-2024-29897MEDIUMCreateWiki Leak of suppressed wiki requests outside of `CreateWikiGlobalWiki`EPSS 0.7%CVE-2024-28235HIGHContao possible cookie sharing with external domains while checking protected pages for broken linksEPSS 0.7%CVE-2023-39620An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote attacker to obtain sensitive information via thEPSS 0.7%CVE-2023-35625MEDIUMAzure Machine Learning Compute Instance for SDK Users Information Disclosure VulnerabilityEPSS 0.7%CVE-2021-32477The last time a user accessed the mobile app is displayed on their profile page, but should be restricted to users with the relevant capabilEPSS 0.7%CVE-2022-4054MEDIUMAn issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5EPSS 0.7%CVE-2023-42940MEDIUMA session rendering issue was addressed with improved session tracking. This issue is fixed in macOS Sonoma 14.2.1. A user who shares their EPSS 0.7%CVE-2023-26108LOWVersions of the package @nestjs/core before 9.0.5 are vulnerable to Information Exposure via the StreamableFile pipe. Exploiting this vulnerEPSS 0.7%