Fallos del tipo CWE-200
3910 resultadosCVE-2024-27120HIGHLocal File Inclusion in ComfortKey before version 24.1.2EPSS 0.5%CVE-2024-46979MEDIUMData leak of notification filters of users in XWiki PlatformEPSS 0.5%CVE-2023-24567HIGH
Dell NetWorker versions 19.5 and earlier contain 'RabbitMQ' version disclosure vulnerability. A NetWorker server user with remote access toEPSS 0.5%CVE-2024-56136MEDIUM/api/v1/jwt/fetch_api_key endpoint can leak if an email address has an account in Zulip serverEPSS 0.5%CVE-2023-25544HIGH
Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. A NetWorker server user with remote acceEPSS 0.5%CVE-2024-36107MEDIUMInformation disclosure in minioEPSS 0.5%CVE-2024-30263HIGHThe PDF Viewer macro can be used to view PDF attachments with restricted accessEPSS 0.5%CVE-2024-4266MEDIUMMetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 3.8.8 - Unauthenticated Sensitive Information ExposureEPSS 0.5%CVE-2024-25120MEDIUMImproper Access Control of Resources Referenced by t3:// URI Scheme in TYPO3EPSS 0.5%CVE-2026-42498HIGHApache Tomcat: WebSocket authentication header exposureEPSS 0.5%CVE-2023-40348—The webhook endpoint in Jenkins Gogs Plugin 1.0.15 and earlier provides unauthenticated attackers information about the existence of jobs inEPSS 0.5%CVE-2022-39212MEDIUMLast video frame is still sent after video is disabled in a call in Nextcloud TalkEPSS 0.5%CVE-2024-32716MEDIUMWordPress StreamWeasels Twitch Integration plugin <= 1.7.8 - API Sensitive Data Exposure vulnerabilityEPSS 0.5%CVE-2025-9005MEDIUMmtons mblog register information exposureEPSS 0.5%CVE-2023-28421MEDIUMWordPress WordPress Email Marketing Plugin – WP Email Capture Plugin <= 3.10 is vulnerable to Sensitive Data ExposureEPSS 0.5%CVE-2022-32784—The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafEPSS 0.5%CVE-2023-2514MEDIUMDB username/password revealed in application logsEPSS 0.5%CVE-2021-33146MEDIUMImproper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an unautEPSS 0.5%CVE-2023-1775MEDIUMUnsanitized events sent over Websocket to regular users in a High Availability environmentEPSS 0.5%CVE-2022-1663—Stop Spam Comments <= 0.2.1.2 - Access Token BypassEPSS 0.5%