Falhas do tipo CWE-200

3.933 resultados
CVE-2026-47351MEDIUMTYPO3 CMS - Broken Access Control in ClipboardEPSS 0.2%CVE-2025-62524MEDIUMPILOS Exposes PHP versionEPSS 0.2%CVE-2025-55342MEDIUMQuipux 4.0.1 through e1774ac allows enumeration of usernames, and accessing the Ecuadorean identification number for all registered users viEPSS 0.2%CVE-2025-64427HIGHZimaOS is vulnerable to Server-Side Request Forgery (SSRF)EPSS 0.2%CVE-2026-4733MEDIUMInformation disclosure in ixray-1.6-stcopEPSS 0.2%CVE-2026-34092LOWBlock UI elements in 'tools'-sidebar shows presence of an autoblocked IPEPSS 0.2%CVE-2025-43455MEDIUMA privacy issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOEPSS 0.2%CVE-2021-3736A flaw was found in the Linux kernel. A memory leak problem was found in mbochs_ioctl in samples/vfio-mdev/mbochs.c in Virtual Function I/O EPSS 0.2%CVE-2024-36910MEDIUMuio_hv_generic: Don't free decrypted memoryEPSS 0.2%CVE-2025-1868MEDIUMInformation display on multiple products from Famatech CorpEPSS 0.2%CVE-2025-65090MEDIUMXWiki Full Calendar Macro vulnerable to data leak through Calendar.JSONServiceEPSS 0.2%CVE-2026-7636MEDIUMSlider by Soliloquy <= 2.8.1 - Authenticated (Subscriber+) Information Disclosure via REST API EndpointEPSS 0.2%CVE-2024-0340MEDIUMKernel: information disclosure in vhost/vhost.c:vhost_new_msg()EPSS 0.2%CVE-2022-22668A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A malicious apEPSS 0.2%CVE-2025-27387HIGHOPPO Clone Phone uses weak WPA passphrase as only means of securityEPSS 0.2%CVE-2026-44779MEDIUMDiscourse: Bot debug endpoints disclose whisper translation audit logsEPSS 0.2%CVE-2021-21536MEDIUMDell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vuEPSS 0.2%CVE-2021-21537MEDIUMDell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vuEPSS 0.2%CVE-2026-30847CRITICALWekan Credential Leak via notificationUsers Publication Exposes Password Hashes and Session TokensEPSS 0.2%CVE-2026-54673HIGHelectron-updater: Cross-origin redirect leaks `PRIVATE-TOKEN` and mixed-case `Authorization` credentials in `builder-util-runtime`EPSS 0.2%