Falhas do tipo CWE-200
3.898 resultadosCVE-2025-24250CRITICALThis issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13EPSS 0.9%CVE-2025-24246CRITICALAn injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.EPSS 0.9%CVE-2022-47070HIGHNVS365 V01 is vulnerable to Incorrect Access Control. After entering a wrong password, the url will be sent to the server twice. In the secoEPSS 0.9%CVE-2021-41123MEDIUMExposure of Sensitive Information to an Unauthorized Actor in WB.UI.Headquarters.dllEPSS 0.9%CVE-2024-38650CRITICALAn authentication bypass vulnerability can allow a low privileged attacker to access the NTLM hash of service account on the VSPC server.EPSS 0.9%CVE-2019-19283—A vulnerability has been identified in XHQ (All Versions < 6.1). The application's web server could expose non-sensitive information about tEPSS 0.9%CVE-2025-59716MEDIUMownCloud Guests before 0.12.5 allows unauthenticated user enumeration via the /apps/guests/register/{email}/{token} endpoint. Because of insEPSS 0.9%CVE-2021-21443LOWUnautorized listing of the customer user emailsEPSS 0.9%CVE-2022-31068MEDIUMSensitive Data Exposure on Refused Inventory Files in GLPIEPSS 0.9%CVE-2021-39224LOWFile path disclosure of shared files in OfficeOnline applicationEPSS 0.8%CVE-2023-0027MEDIUMRockwell Automation Modbus TCP AOI Server Could Leak Sensitive InformationEPSS 0.8%CVE-2024-6569MEDIUMCampaign Monitor for WordPress <= 2.8.15 - Unauthenticated Full Path DisclosureEPSS 0.8%CVE-2023-2446MEDIUMUserPro <= 5.1.1 - Sensitive Information Disclosure via ShortcodeEPSS 0.8%CVE-2023-24923MEDIUMMicrosoft OneDrive for Android Information Disclosure VulnerabilityEPSS 0.8%CVE-2024-39676HIGHApache Pinot: Unauthorized endpoint exposed sensitive informationEPSS 0.8%CVE-2021-34702MEDIUMCisco Identity Services Engine Sensitive Information Disclosure VulnerabilityEPSS 0.8%CVE-2021-37703MEDIUMInformation exposure in DiscourseEPSS 0.8%CVE-2024-28442HIGHDirectory Traversal vulnerability in Yealink VP59 v.91.15.0.118 allows a physically proximate attacker to obtain sensitive information via tEPSS 0.8%CVE-2021-27424MEDIUMGE UR family exposure of sensitive information to an unauthorized actorEPSS 0.8%CVE-2022-35715MEDIUMIBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error messageEPSS 0.8%