Fallos del tipo CWE-359
187 resultadosCVE-2025-43496HIGHThe issue was addressed by adding additional logic. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS SeqEPSS 0.5%CVE-2025-53765MEDIUMAzure Stack Hub Information Disclosure VulnerabilityEPSS 0.5%CVE-2024-11712MEDIUMWP Job Portal <= 2.2.2 - Missing Authorization to Unauthenticated Arbitrary Resume DownloadEPSS 0.4%CVE-2022-2720MEDIUMIn affected versions of Octopus Server it was identified that when a sensitive value is a substring of another value, sensitive value maskinEPSS 0.4%CVE-2024-28387HIGHAn issue in axonaut v.3.1.23 and before allows a remote attacker to obtain sensitive information via the log.txt component.EPSS 0.4%CVE-2025-65857HIGHAn issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSEPSS 0.4%CVE-2025-53625HIGHDynamicPageList3 exposes hidden/suppressed usernamesEPSS 0.4%CVE-2019-25762HIGHJoomla! Component JoomProject 1.1.3.2 Information DisclosureEPSS 0.4%CVE-2024-47085HIGHParameter Manipulation VulnerabilityEPSS 0.4%CVE-2024-45787HIGHInformation Disclosure VulnerabilityEPSS 0.4%CVE-2024-47087HIGHInformation Disclosure VulnerabilityEPSS 0.4%CVE-2024-42494HIGHRuijie Reyee OS Exposure of Private Personal Information to an Unauthorized ActorEPSS 0.4%CVE-2026-28906HIGHThis issue was addressed through improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, mEPSS 0.4%CVE-2024-38103MEDIUMMicrosoft Edge (Chromium-based) Information Disclosure VulnerabilityEPSS 0.4%CVE-2024-42347HIGHURL preview setting for a room is controllable by the homeserver in matrix-react-sdkEPSS 0.4%CVE-2024-37136MEDIUMDell Path to PowerProtect, versions 1.1, 1.2, contains an Exposure of Private Personal Information to an Unauthorized Actor vulnerability. AEPSS 0.4%CVE-2025-62644MEDIUMThe Restaurant Brands International (RBI) assistant platform through 2025-09-06 has a Global Store Directory that shares personal informatioEPSS 0.4%CVE-2026-34226HIGHHappy DOM's fetch credentials include uses page-origin cookies instead of target-origin cookiesEPSS 0.4%CVE-2026-25699MEDIUMApache Answer: Authorization Bypass in Timeline APIEPSS 0.4%CVE-2026-54264HIGHAngular: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service WorkerEPSS 0.4%