Falhas do tipo CWE-200
3.910 resultadosCVE-2024-22421HIGHPotential authentication and CSRF tokens leak in JupyterLabEPSS 0.7%CVE-2025-54376HIGHHoverfly's WebSocket endpoint `/api/v2/ws/logs` reachable without authentication even when --auth is enabled.EPSS 0.7%CVE-2023-3132MEDIUMMainWP Child <= 4.4.1.1 - Information Disclosure via Back-Up FilesEPSS 0.7%CVE-2026-50508MEDIUMWindows NTLM Spoofing VulnerabilityEPSS 0.7%CVE-2022-2939MEDIUMWP Cerber Security <= 9.0 - User Enumeration BypassEPSS 0.7%CVE-2023-47126LOWInformation Disclosure in Install Tool in typo3/cms-installEPSS 0.7%CVE-2022-20811MEDIUMCisco TelePresence Collaboration Endpoint and RoomOS Software VulnerabilitiesEPSS 0.7%CVE-2022-45634MEDIUMAn issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows authenticated attacker to gain access to sensitive aEPSS 0.7%CVE-2023-20866MEDIUMIn Spring Session version 3.0.0, the session id can be logged to the standard output stream. This vulnerability exposes sensitive informatioEPSS 0.7%CVE-2024-47824HIGHMalicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a roomEPSS 0.7%CVE-2019-15577—An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed project milestones to be disclEPSS 0.7%CVE-2024-33865HIGHAn issue was discovered in linqi before 1.4.0.1 on Windows. There is an NTLM hash leak via the /api/Cdn/GetFile and /api/DocumentTemplate/{GEPSS 0.7%CVE-2024-6861HIGHForeman: foreman: oauth secret exposure via unauthenticated access to the graphql apiEPSS 0.7%CVE-2023-44150HIGHWordPress ProfilePress Plugin <= 4.13.2 is vulnerable to Sensitive Data ExposureEPSS 0.7%CVE-2022-1070HIGHCHANNEL ACCESSIBLE BY NON-ENDPOINT CWE-300EPSS 0.7%CVE-2025-30224MEDIUMMyDumper arbitrary file read issueEPSS 0.7%CVE-2023-30540LOWChat poll data can still be queried from API after purging history in Nextcloud talkEPSS 0.7%CVE-2022-2704MEDIUMSourceCodester Simple E-Learning System downloadFiles.php information disclosureEPSS 0.7%CVE-2024-53862MEDIUMArgo Workflows Allows Access to Archived Workflows with Fake Token in `client` modeEPSS 0.7%CVE-2022-43410MEDIUMJenkins Mercurial Plugin 1251.va_b_121f184902 and earlier provides information about which jobs were triggered or scheduled for polling throEPSS 0.7%