Falhas do tipo CWE-200

3.933 resultados
CVE-2025-43367MEDIUMA privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to acceEPSS 0.2%CVE-2022-1662In convert2rhel, there's an ansible playbook named ansible/run-convert2rhel.yml which passes the Red Hat Subscription Manager user password EPSS 0.2%CVE-2024-8612LOWQemu-kvm: information leak in virtio devicesEPSS 0.2%CVE-2024-56443MEDIUMCross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service EPSS 0.2%CVE-2025-55276LOWHCL Aftermarket DPC is affected by Internal IP Disclosure vulnerabilityEPSS 0.2%CVE-2024-23107MEDIUMAn exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiWeb version 7.4.0, version 7.2.4 and below, veEPSS 0.2%CVE-2026-32618MEDIUMDiscourse: Unauthorized channel membership inference via excluded_memberships_channel_idEPSS 0.2%CVE-2025-11645LOWTomofun Furbo Mobile App Authentication Token sensitive informationEPSS 0.2%CVE-2026-32620MEDIUMDiscourse: Missing post-level authorization allows whisper metadata disclosureEPSS 0.2%CVE-2026-32951MEDIUMDiscourse: Authorization bypass in oneboxer via user-controlled category idEPSS 0.2%CVE-2023-42934MEDIUMAn information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17.EPSS 0.2%CVE-2026-32100MEDIUMswag/platform-security: `/api/_info/config` route exposes information about licenses and active security fixesEPSS 0.2%CVE-2021-20260A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an authenticated local attacker with EPSS 0.2%CVE-2025-2348MEDIUMIROAD Dash Cam FX2 HTTP/RTSP event information disclosureEPSS 0.2%CVE-2025-52473MEDIUMliboqs secret-dependent branching in HQC reference implementation when compiled with Clang 17-20EPSS 0.2%CVE-2026-5375LOWrunZero Platform API credential information leakEPSS 0.2%CVE-2024-0093MEDIUMCVEEPSS 0.2%CVE-2025-52631LOWHCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability.EPSS 0.2%CVE-2021-3923LOWA flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel sEPSS 0.2%CVE-2025-30291MEDIUMColdFusion | Information Exposure (CWE-200)EPSS 0.2%