Falhas do tipo CWE-200
3.890 resultadosCVE-2024-51739HIGHUsers enumeration allowed through Rest API in Combodo iTopEPSS 1.3%CVE-2022-27241—A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (AllEPSS 1.3%CVE-2016-0715—Pivotal Cloud Foundry Elastic Runtime version 1.4.0 through 1.4.5, 1.5.0 through 1.5.11 and 1.6.0 through 1.6.11 is vulnerable to a remote iEPSS 1.2%CVE-2024-43416HIGHGLPI vulnerable to enumeration of users' email addresses by unauthenticated userEPSS 1.2%CVE-2023-42846—This issue was addressed by removing the vulnerable code. This issue is fixed in watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, tvOS 17.1, iOS EPSS 1.2%CVE-2022-0813MEDIUMPhpMyAdmin exposure of sensitive informationEPSS 1.2%CVE-2017-15139MEDIUMA vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume EPSS 1.2%CVE-2022-0577HIGHExposure of Sensitive Information to an Unauthorized Actor in scrapy/scrapyEPSS 1.2%CVE-2018-0109—A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access sensitive data about the application.EPSS 1.2%CVE-2023-43791CRITICALLabel Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session TokensEPSS 1.2%CVE-2022-29248HIGHCross-domain cookie leakage in GuzzleEPSS 1.2%CVE-2017-12365—A vulnerability in Cisco WebEx Event Center could allow an authenticated, remote attacker to view unlisted meeting information. The vulnerabEPSS 1.2%CVE-2022-26885HIGHApache DolphinScheduler config file read by task riskEPSS 1.2%CVE-2017-9628—An Information Exposure issue was discovered in Saia Burgess Controls PCD Controllers with PCD firmware versions prior to 1.28.16 or 1.24.69EPSS 1.2%CVE-2023-45725—Apache CouchDB, IBM Cloudant: Privilege Escalation Using _design DocumentsEPSS 1.2%CVE-2023-45348—Apache Airflow: Configuration information leakage vulnerabilityEPSS 1.2%CVE-2024-30570MEDIUMAn information leak in debuginfo.htm of Netgear R6850 v1.1.0.88 allows attackers to obtain sensitive information without any authentication EPSS 1.2%CVE-2021-22917—Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowiEPSS 1.2%CVE-2022-39201MEDIUMData source and plugin proxy endpoints could leak the authentication cookie to some destination pluginsEPSS 1.2%CVE-2018-10627CRITICALEchelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versionsEPSS 1.2%