Fallos del tipo CWE-200
3910 resultadosCVE-2023-6136MEDIUMWordPress Debug Log Manager Plugin <= 2.3.0 is vulnerable to Sensitive Data ExposureEPSS 0.6%CVE-2023-23624MEDIUMDiscourse's exclude_tags param could leak which topics had a specific hidden tagEPSS 0.6%CVE-2024-11297MEDIUMPage Restriction WordPress (WP) – Protect WP Pages/Post <= 1.3.6 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.6%CVE-2019-14802MEDIUMHashiCorp Nomad 0.5.0 through 0.9.4 (fixed in 0.9.5) reveals unintended environment variables to the rendering task during template renderinEPSS 0.6%CVE-2024-52517MEDIUMNextcloud Server's global credentials of external storages are sent back to the frontendEPSS 0.6%CVE-2022-31070MEDIUMPotential Sensitive Cookie Exposure in NPM Packages @finastra/nestjs-proxy, @ffdc/nestjs-proxyEPSS 0.6%CVE-2022-31069MEDIUMPotential Authorization Header Exposure in NPM Packages @finastra/nestjs-proxy, @ffdc/nestjs-proxyEPSS 0.6%CVE-2024-4173HIGHSANnav versions exposes Kafka in the wan interface.EPSS 0.6%CVE-2024-8884CRITICALCWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that
could cause exposure of credentials when attacEPSS 0.6%CVE-2025-68438HIGHApache Airflow: Secrets in rendered templates could contain parts of sensitive values when truncatedEPSS 0.6%CVE-2025-58752LOWVite's `server.fs` settings were not applied to HTML filesEPSS 0.6%CVE-2024-7414MEDIUMPDF Builder for WPForms <= 1.2.116 - Unauthenticated Full Path DisclosureEPSS 0.6%CVE-2024-6562MEDIUMaffiliate-toolkit <= 3.5.5 - Unauthenticated Full Path DislcosureEPSS 0.6%CVE-2024-0242HIGHUnauthorized access to settings in Qolsys IQ Panel 4 and IQ4 HubEPSS 0.6%CVE-2023-39736HIGHThe leakage of the client secret in Fukunaga_memberscard Line 13.6.1 allows attackers to obtain the channel access token and send crafted brEPSS 0.6%CVE-2022-31046MEDIUMInformation Disclosure via Export Module in TYPO3 CMSEPSS 0.6%CVE-2023-39735HIGHThe leakage of the client secret in Uomasa_Saiji_news Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadEPSS 0.6%CVE-2023-39739HIGHThe leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain the channel access token and send crafted brEPSS 0.6%CVE-2024-34388HIGHWordPress GDPR Compliance plugin <= 1.2.5 - Sensitive Data Exposure vulnerabilityEPSS 0.6%CVE-2022-36777MEDIUMIBM Cloud Pak for Security information disclosureEPSS 0.6%