Falhas do tipo CWE-200
3.920 resultadosCVE-2024-6757MEDIUMElementor <= 3.23.5 - Authenticated (Contributor+) Basic Information Exposure via get_image_alt FunctionEPSS 0.4%CVE-2024-7319MEDIUMOpenstack-heat: incomplete fix for cve-2023-1625EPSS 0.4%CVE-2024-23493MEDIUM Team associated AD/LDAP Groups Leaked due to missing authorizationEPSS 0.4%CVE-2024-38749MEDIUMWordPress Olive One Click Demo Import plugin <= 1.1.2 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2024-13086MEDIUMQTS, QuTS heroEPSS 0.4%CVE-2024-43258MEDIUMWordPress Store Locator Plus® for WordPress plugin <= 2311.17.01 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2024-47923MEDIUMMashov – CWE-200: Exposure of Sensitive Information to an Unauthorized ActorEPSS 0.4%CVE-2022-34351MEDIUMIBM QRadar SIEM information disclosureEPSS 0.4%CVE-2025-49200MEDIUMUnencrypted backup contains sensitive informationEPSS 0.4%CVE-2025-52898HIGHFrappe account takeover via password reset token leakageEPSS 0.4%CVE-2025-22960HIGHA session hijacking vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters. Unauthenticated aEPSS 0.4%CVE-2022-1353—A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged useEPSS 0.4%CVE-2023-37239—Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to cEPSS 0.4%CVE-2024-6556MEDIUMSmartCrawl WordPress SEO checker, SEO analyzer, SEO optimizer <= 3.10.8 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2025-30439MEDIUMThe issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, visionOS 2.4, watchOS 11.EPSS 0.4%CVE-2025-53886MEDIUMDirectus doesn't redact tokens in Flow logsEPSS 0.4%CVE-2026-34785HIGHRack: Local file inclusion in `Rack::Static` via URL Prefix MatchingEPSS 0.4%CVE-2017-12361—A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the JaEPSS 0.4%CVE-2025-7394HIGHIn the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for prEPSS 0.4%CVE-2025-62604MEDIUMMeterSphere logic flaw allows retrieval of arbitrary user informationEPSS 0.4%