Fallos del tipo CWE-200

3910 resultados
CVE-2020-3525MEDIUMCisco Identity Services Engine Password Disclosure to an Unauthorized Actor VulnerabilityEPSS 0.5%CVE-2020-36835MEDIUMMigration, Backup, Staging – WPvivid <= 0.9.35 - Sensitive Information DisclosureEPSS 0.5%CVE-2023-22876MEDIUMIBM Sterling B2B Integrator information disclosureEPSS 0.5%CVE-2024-26136HIGHkedi ElectronCord's Discord Token is publicEPSS 0.5%CVE-2018-8863MEDIUMPhilips EncoreAnywhere Exposure of Sensitive Information to an Unauthorized ActorEPSS 0.5%CVE-2023-45189MEDIUMIBM Robotic Process Automation information disclosureEPSS 0.5%CVE-2023-5545LOWMoodle: auto-populated h5p author name causes a potential information leakEPSS 0.5%CVE-2021-3031MEDIUMPAN-OS: Information exposure in Ethernet data frame construction (Etherleak)EPSS 0.5%CVE-2024-2795MEDIUMSEO SIMPLE PACK <= 3.2.1 - Information ExposureEPSS 0.5%CVE-2023-1777MEDIUMInformation disclosure in linked message previewsEPSS 0.5%CVE-2024-20990MEDIUMVulnerability in the Oracle Applications Technology product of Oracle E-Business Suite (component: Templates). Supported versions that are EPSS 0.5%CVE-2023-27447MEDIUMWordPress WP SMS Plugin <= 6.0.4 is vulnerable to Sensitive Data ExposureEPSS 0.5%CVE-2022-35247MEDIUMA information disclosure vulnerability exists in Rocket.chat <v5, <v4.8.2 and <v4.7.5 where the lack of ACL checks in the getRoomRoles MeteoEPSS 0.5%CVE-2023-6459MEDIUMPublic endpoint /metrics of Calls plugin reveals channel IDsEPSS 0.5%CVE-2025-12616MEDIUMPHPGurukul News Portal settings.py insertion of sensitive information into debugging codeEPSS 0.5%CVE-2024-24825CRITICALTokenManager not checking permissions on cached tokens in DIRACEPSS 0.5%CVE-2024-53859MEDIUMgo-gh `auth.TokenForHost` violates GitHub host security boundary within a codespaceEPSS 0.5%CVE-2024-7416MEDIUMReveal Template <= 3.7 - Unauthenticated Full Path DisclosureEPSS 0.5%CVE-2023-23622MEDIUMDiscourse: Presence of read restricted topics may be leaked if tagged with a tag that is visible to all usersEPSS 0.5%CVE-2024-26479MEDIUMAn issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the Command execution function.EPSS 0.5%