Fallos del tipo CWE-200

3910 resultados
CVE-2021-41263HIGHSecure/signed cookies share secrets between sites in rails_multisiteEPSS 0.6%CVE-2024-0909MEDIUMAnonymous Restricted Content <= 1.6.2 - Protection Mechanism BypassEPSS 0.6%CVE-2023-47619HIGHAudiobookshelf Server-Side Request Forgery and Arbitrary File Read VulnerabilityEPSS 0.6%CVE-2025-30086MEDIUMCNCF Harbor 2.13.x before 2.13.1 and 2.12.x before 2.12.4 allows information disclosure by administrators who can exploit an ORM Leak presenEPSS 0.6%CVE-2022-24866MEDIUMExposure of Sensitive Information to an Unauthorized Actor in Discourse AssignEPSS 0.6%CVE-2022-34659A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand public license server is used). AffecteEPSS 0.6%CVE-2022-36074MEDIUMAuthentication headers exposed on by Nextcloud ServerEPSS 0.6%CVE-2025-53804MEDIUMWindows Kernel-Mode Driver Information Disclosure VulnerabilityEPSS 0.6%CVE-2022-26070MEDIUMError message discloses internal pathEPSS 0.6%CVE-2023-40385MEDIUMThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, Safari 17, iOS 17 and iPadOS 17. A remote EPSS 0.6%CVE-2025-43356MEDIUMThe issue was addressed with improved handling of caches. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, EPSS 0.6%CVE-2023-27481MEDIUMExtract password hashes through export querying in directusEPSS 0.6%CVE-2022-46355HIGHA vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE X204RNA (PRP) (All versions < V3.2.7), SCALAEPSS 0.6%CVE-2024-10285CRITICALCE21 Suite <= 2.2.0 - JWT Token DisclosureEPSS 0.6%CVE-2024-29883MEDIUMCreateWiki's wiki request suppression ignores the suppression settings set by the suppressorEPSS 0.6%CVE-2024-26063MEDIUMAdobe Experience Manager | Information Exposure (CWE-200)EPSS 0.6%CVE-2022-34867HIGHWordPress WP Libre Form 2 plugin <= 2.0.8 - Unauthenticated Sensitive Information Disclosure vulnerabilityEPSS 0.6%CVE-2025-3975MEDIUMScriptAndTools eCommerce-website-in-PHP subscriber-csv.php information disclosureEPSS 0.6%CVE-2024-21209LOWVulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.4.2 anEPSS 0.6%CVE-2023-42454CRITICALSQLpage vulnerable to public exposure of database credentialsEPSS 0.6%