Falhas do tipo CWE-200
3.929 resultadosCVE-2026-42223MEDIUMnginx-ui: Settings API Exposes Protected SecretsEPSS 0.3%CVE-2025-68718MEDIUMKAYSUS KS-WR1200 routers with firmware 107 expose SSH and TELNET services on the LAN interface with hardcoded root credentials (root:1234567EPSS 0.3%CVE-2025-24270MEDIUMThis issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4EPSS 0.3%CVE-2026-32270LOWCraft Commerce: Unauthenticated information disclosure in `commerce/payments/pay` can leak some customer order data on anonymous paymentsEPSS 0.3%CVE-2022-42854MEDIUMThe issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1. An app may be able EPSS 0.3%CVE-2024-54117MEDIUMCross-process screen stack vulnerability in the UIExtension module
Impact: Successful exploitation of this vulnerability may affect service EPSS 0.3%CVE-2025-15070MEDIUMData Exposure in Gmission Web FAXEPSS 0.3%CVE-2026-41954MEDIUMiControl REST and tmsh vulnerabilityEPSS 0.3%CVE-2025-13660MEDIUMGuest Support <= 1.2.3 - Unauthenticated User Email Disclosure in guest_support_handler AJAX EndpointEPSS 0.3%CVE-2020-10782MEDIUMAn exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be EPSS 0.3%CVE-2026-33394LOWDiscourse leaks PM post edits to moderatorsEPSS 0.3%CVE-2025-8484MEDIUMCode Quality Control Tool <= 2.1 - Unauthenticated Information Exposure via Log FilesEPSS 0.3%CVE-2025-10535HIGHInformation disclosure, mitigation bypass in the Privacy component in Firefox for AndroidEPSS 0.3%CVE-2021-0166MEDIUMExposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet/Wireless Wi-Fi in multiple operating systemsEPSS 0.3%CVE-2026-5601MEDIUMAcrel Electrical Prepaid Cloud Platform Backup File bin.rar information disclosureEPSS 0.3%CVE-2026-8033MEDIUMPicoTronica e-Clinic Healthcare System ECHS Response Header v2 information disclosureEPSS 0.3%CVE-2025-53134HIGHWindows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityEPSS 0.3%CVE-2025-27980MEDIUMcashbook v4.0.3 has an arbitrary file read vulnerability in /api/entry/flow/invoice/show?invoice=.EPSS 0.3%CVE-2026-11458MEDIUMerzhongxmu JeeWMS Boot Actuator Endpoint actuator information disclosureEPSS 0.3%CVE-2026-30845MEDIUMWekan Exposes Sensitive Data through Lack of Field Filtering During Board PublicationEPSS 0.3%