Fallos del tipo CWE-200
3910 resultadosCVE-2022-39193MEDIUMAn issue was discovered in the CheckUser extension for MediaWiki through 1.39.x. Various components of this extension can expose informationEPSS 0.6%CVE-2022-39013—Under certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker tEPSS 0.6%CVE-2022-42132MEDIUMThe Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0 fix pack 102 and earlier, 7.1 before fix packEPSS 0.6%CVE-2022-1004MEDIUMInformation disclosure in the External InterfaceEPSS 0.6%CVE-2023-25912MEDIUMWebreport disclosure to unauthorized actor in Danfoss AK-EM100EPSS 0.6%CVE-2023-34093MEDIUMStrapi allows actors to make all attributes on a content-type public without noticing itEPSS 0.6%CVE-2022-34313MEDIUMIBM CICS TX Standard is vulnerable to allowing attackers access to an application via insecure session cookiesEPSS 0.6%CVE-2024-42394CRITICALUnauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the Soft AP Daemon Service Accessed by the PAPI ProtocolEPSS 0.6%CVE-2026-41610MEDIUMVisual Studio Code Security Feature Bypass VulnerabilityEPSS 0.6%CVE-2023-44983MEDIUMWordPress Aruba HiSpeed Cache Plugin <= 2.0.6 is vulnerable to Sensitive Data ExposureEPSS 0.6%CVE-2024-11265MEDIUMWp Maximum Upload File Size <= 1.1.3 - Authenticated (Author+) Full Path DisclosureEPSS 0.6%CVE-2023-3064HIGHMobatime mobile application - Sensitive information disclosureEPSS 0.6%CVE-2025-25192MEDIUMGLPI allows unauthorized access to debug modeEPSS 0.6%CVE-2021-4430LOWOrtus Solutions ColdBox Elixir ENV Variable defaultConfig.js information disclosureEPSS 0.6%CVE-2025-22612CRITICALCoolify Vulnerable to Private Key Enumeration on Onboarding resulting in Remote Command Execution (RCE)EPSS 0.6%CVE-2022-35246MEDIUMA NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 in the getS3FileUrl MeteEPSS 0.6%CVE-2024-51123HIGHAn issue in Zertificon Z1 SecureMail Z1 SecureMail Gateway 4.44.2-7240-debian12 allows a remote attacker to obtain sensitive information viaEPSS 0.6%CVE-2025-26521HIGHApache CloudStack: CKS cluster in project exposes user API keysEPSS 0.6%CVE-2023-45024HIGHBest Practical Request Tracker (RT) 5 before 5.0.5 allows Information Disclosure via a transaction search in the transaction query builder.EPSS 0.6%CVE-2021-39008LOWIBM QRadar WinCollect Agent information disclosureEPSS 0.6%