Falhas do tipo CWE-200

3.932 resultados
CVE-2026-44736MEDIUMOpenProject: Relations API Filter Bypasses Visibility Scope, Leaking Cross-Project Work Package SubjectsEPSS 0.3%CVE-2025-57755HIGHclaude-code-router CORS. misconfigurationEPSS 0.3%CVE-2024-3262MEDIUMInformation exposure vulnerability in Request Tracker (RT)EPSS 0.3%CVE-2026-12111MEDIUMAppointment Booking Calendar <= 1.4.01 - Authenticated (Contributor+) Sensitive Information Exposure via 'id' ParameterEPSS 0.3%CVE-2023-30853HIGHGradle Build Action data written to GitHub Actions Cache may expose secretsEPSS 0.3%CVE-2026-5075MEDIUMAll in One SEO <= 4.9.7 - Authenticated (Contributor+) Sensitive Information Exposure via 'internalOptions' Localized Script DataEPSS 0.3%CVE-2025-5690MEDIUMCursor allows PostgreSQL Anonymizer masked user to gain unauthorized access to authentic dataEPSS 0.3%CVE-2026-2783MEDIUMInformation disclosure due to JIT miscompilation in the JavaScript Engine: JIT componentEPSS 0.3%CVE-2025-30454MEDIUMA path handling issue was addressed with improved validation. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS SonEPSS 0.3%CVE-2025-59921MEDIUMAn exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiADC version 7.4.0, version 7.2.3 and EPSS 0.3%CVE-2026-33422LOWDiscourse exposes ip_address of flagged userEPSS 0.3%CVE-2025-46676LOWDell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 releaseEPSS 0.3%CVE-2025-12585MEDIUMMxChat – AI Chatbot for WordPress <= 2.5.5 - Unauthenticated Information ExposureEPSS 0.3%CVE-2025-61688HIGHOmni leaks information via the APIEPSS 0.3%CVE-2026-8995MEDIUMPoll Maker by AYS <= 6.3.7 - Authenticated (Subscriber+) Sensitive Information Exposure in 'ays_poll_get_user_information' AJAX ActionEPSS 0.3%CVE-2020-27290In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an information disclosure vulnerability in the ventilator allows attackers wEPSS 0.3%CVE-2025-59031MEDIUMDovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can useEPSS 0.3%CVE-2022-0553MEDIUMPossible to retrieve uncrypted firmware imageEPSS 0.3%CVE-2025-3031MEDIUMJIT optimization bug with different stack slot sizesEPSS 0.3%CVE-2025-31955HIGHHCL iAutomate is affected by a sensitive data exposure vulnerabilityEPSS 0.3%