Falhas do tipo CWE-200

3.911 resultados
CVE-2024-6506HIGHInformation exposure vulnerability in the MRW plug-inEPSS 0.5%CVE-2025-23212HIGHTandoor Recipes - Local file disclosure - Users can read the content of any file on the serverEPSS 0.5%CVE-2024-47848MEDIUMUser can review/unreview articles while blockedEPSS 0.5%CVE-2025-56161HIGHYOSHOP 2.0 allows unauthenticated information disclosure via comment-list API endpoints in the Goods module. The Comment model eagerly loadsEPSS 0.5%CVE-2021-45475MEDIUMInformation disclosure in Yordam Library Information Document Automation ProgramEPSS 0.5%CVE-2021-26333AMD Chipset Driver Information Disclosure VulnerabilityEPSS 0.5%CVE-2022-2408MEDIUMGuest accounts can list all public channelsEPSS 0.5%CVE-2023-23935LOWPresence of restricted personal Discourse messages may be leaked if tagged with a tag EPSS 0.5%CVE-2023-47392An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted addEPSS 0.5%CVE-2024-24215MEDIUMAn issue in the component /cgi-bin/GetJsonValue.cgi of Cellinx NVT Web Server 5.0.0.014 allows attackers to leak configuration information vEPSS 0.5%CVE-2026-25199CRITICALApache CloudStack: Proxmox Extension Allows Unauthorized Cross-Tenant Instance AccessEPSS 0.5%CVE-2023-47393An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the maintenance orders of other users and access sEPSS 0.5%CVE-2023-49278MEDIUMUmbraco CMS brute force exploit can be used to collect valid usernamesEPSS 0.5%CVE-2025-8620MEDIUMGiveWP – Donation Plugin and Fundraising Platform <= 4.6.0 - Unauthenticated Donor Data ExposureEPSS 0.5%CVE-2024-39344HIGHAn issue was discovered in the Docusign API package 8.142.14 for Salesforce. The Apttus_DocuApi__DocusignAuthentication__mdt object is instaEPSS 0.5%CVE-2023-50271HIGHHP-UX System Management Homepage, Disclosure of InformationEPSS 0.5%CVE-2024-26309MEDIUMArcher Platform 6.x before 6.14 P2 HF2 (6.14.0.2.2) contains a sensitive information disclosure vulnerability. An unauthenticated attacker cEPSS 0.5%CVE-2024-57716HIGHAn issue in trenoncourt AutoQueryable v.1.7.0 allows a remote attacker to obtain sensitive information via the Unselectable function.EPSS 0.5%CVE-2026-32609HIGHGlances has Incomplete Secrets Redaction: /api/v4/args Endpoint Leaks Password Hash and SNMP CredentialsEPSS 0.5%CVE-2023-5552HIGHA password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in SophEPSS 0.5%