Falhas do tipo CWE-200
3.889 resultadosCVE-2021-4076—A flaw exists in tang, a network-based cryptographic binding server, which could result in leak of private keys.EPSS 1.5%CVE-2008-3893MEDIUMMicrosoft Bitlocker in Windows Vista before SP1 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear thisEPSS 1.5%CVE-2018-12127MEDIUMMicroarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authentiEPSS 1.5%CVE-2018-12126MEDIUMMicroarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an auEPSS 1.5%CVE-2023-33933HIGHApache Traffic Server: s3_auth plugin problem with hash calculationEPSS 1.5%CVE-2018-1074HIGHovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentialEPSS 1.5%CVE-2021-41120HIGHUnauthorized access to Credit card form in sylius/paypal-pluginEPSS 1.5%CVE-2018-0474MEDIUMCisco Unified Communications Manager Digest Credentials Disclosure VulnerabilityEPSS 1.5%CVE-2023-37379—Apache Airflow: Exposure of sensitive connection information, DOS and SSRF on "test connection" featureEPSS 1.5%CVE-2018-13288MEDIUMInformation exposure vulnerability in SYNO.FolderSharing.List in Synology File Station before 1.2.3-0252 and before 1.1.5-0125 allows remoteEPSS 1.5%CVE-2018-13297MEDIUMInformation exposure vulnerability in SYNO.SynologyDrive.Files in Synology Drive before 1.1.2-10562 allows remote attackers to obtain sensitEPSS 1.5%CVE-2018-0187MEDIUMCisco Identity Services Engine Privileged Account Sensitive Information Disclosure VulnerabilityEPSS 1.5%CVE-2023-40712—Apache Airflow: Secrets can be unmasked in the "Rendered Template" EPSS 1.5%CVE-2024-27905CRITICALApache Aurora: padding oracle can allow construction an authentication cookieEPSS 1.5%CVE-2025-26667MEDIUMWindows Routing and Remote Access Service (RRAS) Information Disclosure VulnerabilityEPSS 1.5%CVE-2024-10916MEDIUMD-Link DNS-320/DNS-320LW/DNS-325/DNS-340L HTTP GET Request info.xml information disclosureEPSS 1.5%CVE-2021-32717HIGHPrivate files publicly accessible with Cloud Storage providersEPSS 1.5%CVE-2022-40691MEDIUMAn information disclosure vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. EPSS 1.5%CVE-2021-21376MEDIUMInformation Exposure in OMERO.webEPSS 1.5%CVE-2021-39164LOWImproper authorisation of /members discloses room membership to non-membersEPSS 1.5%