Falhas do tipo CWE-200
3.929 resultadosCVE-2024-6426HIGHInformation exposure vulnerability vulnerability in MESbookEPSS 0.3%CVE-2024-58255MEDIUMEnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution.EPSS 0.3%CVE-2026-45332HIGHAutomad Broken Access Control: unauthenticated exposure of administrator bcrypt password hashes and TOTP secrets via public API endpointEPSS 0.3%CVE-2024-8494MEDIUMElementor Website Builder Pro – More than Just a Page Builder <= 3.25.10 - Authenticated (Contributor+) Sensitive Information Exposure via ShortcodeEPSS 0.3%CVE-2026-33677MEDIUMWebhook BasicAuth Credentials Exposed to Read-Only Project Collaborators via APIEPSS 0.3%CVE-2026-10055HIGHIn Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connecteEPSS 0.3%CVE-2025-54323HIGHAn issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, and EPSS 0.3%CVE-2025-52268HIGHStarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which allows attackers to forge or decrypt valid EPSS 0.3%CVE-2025-6722MEDIUMBitFire <= 4.5 - Unauthenticated Information ExposureEPSS 0.3%CVE-2024-36118LOWUnauthorized viewing of workspace test cases in MeterSphereEPSS 0.3%CVE-2025-60858HIGHReolink Video Doorbell Wi-Fi DB_566128M5MP_W stores and transmits DDNS credentials in plaintext within its configuration and update scripts,EPSS 0.3%CVE-2025-30447MEDIUMThe issue was resolved by sanitizing logging. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS SonoEPSS 0.3%CVE-2024-34029MEDIUMAD/LDAP Group Members LeakEPSS 0.3%CVE-2025-61220HIGHThe incomplete verification mechanism in the AutoBizLine com.mysecondline.app 1.2.91 allows attackers to log in as other users and gain unauEPSS 0.3%CVE-2023-47616LOWA CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8EPSS 0.3%CVE-2018-0106—A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access EPSS 0.3%CVE-2026-42223MEDIUMnginx-ui: Settings API Exposes Protected SecretsEPSS 0.3%CVE-2025-24270MEDIUMThis issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4EPSS 0.3%CVE-2026-26069CRITICALScraparr Readarr Integration exposes sensitive values as metric labels.EPSS 0.3%CVE-2024-11299MEDIUMMemberpress <= 1.11.37 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.3%