Falhas do tipo CWE-200
3.933 resultadosCVE-2026-45387MEDIUMOpen WebUI: Sharing models for others to use (read permission) also exposes model details (system prompt leakage)EPSS 0.2%CVE-2025-61639LOWSuppressed blocked IP is visible in Special:BlockList, RC, and other placesEPSS 0.2%CVE-2024-28963MEDIUMTelemetry Dashboard v1.0.0.7 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with loEPSS 0.2%CVE-2025-13997MEDIUMKing Addons for Elementor <= 51.1.49 - Unauthenticated API Keys DisclosureEPSS 0.2%CVE-2026-25135MEDIUMOpenEMR's location resource for Group.$export operation returns entire patient/user population contact informationEPSS 0.2%CVE-2026-42092MEDIUMGlobal Settings Publication Exposes Sensitive Configuration to Any Authenticated User in TitraEPSS 0.2%CVE-2026-21974MEDIUMVulnerability in the Oracle Life Sciences Central Designer product of Oracle Health Sciences Applications (component: Platform). The suppoEPSS 0.2%CVE-2025-12129MEDIUMCubeWP – All-in-One Dynamic Content Framework <= 1.1.27 - Unauthenticated Information ExposureEPSS 0.2%CVE-2022-48319MEDIUMHost secret disclosed in Checkmk logsEPSS 0.2%CVE-2025-26710LOWThere is an an information disclosure vulnerability in ZTE T5400. Due to improper configuration of the access control mechanism, attackers cEPSS 0.2%CVE-2026-45739LOWStrawberry GraphQL: Default GraphiQL may expose HTTP headers in URLsEPSS 0.2%CVE-2026-33004MEDIUMJenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential EPSS 0.2%CVE-2025-15141LOWHalo Configuration actuator information disclosureEPSS 0.2%CVE-2023-1075LOWA flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entEPSS 0.2%CVE-2025-54966MEDIUMAn issue was discovered in BAE SOCET GXP before 4.6.0.2. Some endpoints on the SOCET GXP Job Status Service may return sensitive informationEPSS 0.2%CVE-2025-47288LOWDiscourse Policy plugin private group members visibleEPSS 0.2%CVE-2022-36878LOWExposure of Sensitive Information in Find My Mobile prior to version 7.2.25.14 allows local attacker to access IMEI via log.EPSS 0.2%CVE-2026-47264MEDIUMDiscourse: Don't leak restricted tag group names via tag infoEPSS 0.2%CVE-2023-42936MEDIUMThis issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.EPSS 0.2%CVE-2026-44409MEDIUMInformation disclosure vulnerability in ZTE MU5250EPSS 0.2%