Falhas do tipo CWE-200

3.914 resultados
CVE-2024-29842HIGHBroken Access control on DESKTOP_EDIT_USER_GET_ABACARD_FIELDS in Evolution Controller allows unauthenticated attackers to retrieve ABACARD values EPSS 0.5%CVE-2024-29840HIGHBroken Access control on DESKTOP_EDIT_USER_GET_PIN_FIELDS in Evolution Controller allows unauthenticated attackers to retrieve PIN field valuesEPSS 0.5%CVE-2024-29839HIGHBroken Access control on DESKTOP_EDIT_USER_GET_CARD in Evolution Controller allows unauthenticated attackers to retrieve card data values.EPSS 0.5%CVE-2024-29841HIGHBroken Access control on DESKTOP_EDIT_USER_GET_KEYS_FIELDS in Evolution Controller allows unauthenticated attackers to retrieve keys values EPSS 0.5%CVE-2025-14915MEDIUMIBM WebSphere Application Server Liberty is affected by a privilege escalation vulnerabilityEPSS 0.5%CVE-2024-29843HIGHBroken Access control on MOBILE_GET_USERS_LIST in Evolution Controller allows unauthenticated user enumerationEPSS 0.5%CVE-2025-57437CRITICALThe Blackmagic Web Presenter HD firmware version 3.3 exposes sensitive information via an unauthenticated Telnet service on port 9977. When EPSS 0.5%CVE-2023-1683MEDIUMXunrui CMS system_log.html information disclosureEPSS 0.5%CVE-2022-39385MEDIUMUsers erroneously and transparently added to private messages in DiscourseEPSS 0.5%CVE-2026-8750MEDIUMh2oai h2o-3 ImportFile API PersistNFS.java importFiles information disclosureEPSS 0.5%CVE-2024-6612MEDIUMCSP violation leakage when using devtoolsEPSS 0.5%CVE-2025-21620HIGHDeno's authorization headers not dropped when redirecting cross-originEPSS 0.5%CVE-2025-24239MEDIUMA downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to EPSS 0.5%CVE-2024-25121HIGHImproper Access Control Persisting File Abstraction Layer Entities via Data Handler in TYPO3EPSS 0.5%CVE-2024-2974MEDIUMEssential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.13 - Unauthenticated Sensitive Information ExposureEPSS 0.5%CVE-2024-2920MEDIUMWP-Members Membership Plugin <= 3.4.9.3 - Unprotected Storage of Potentially Sensitive FilesEPSS 0.5%CVE-2023-24505MEDIUMMilesight NCR/Camera CWE-200: Exposure of Sensitive InformationEPSS 0.5%CVE-2024-3733MEDIUMEssential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.15 - Information ExposureEPSS 0.5%CVE-2024-46471HIGHThe Directory Listing in /uploads/ Folder in CodeAstro Membership Management System 1.0 exposes the structure and contents of directories, pEPSS 0.5%CVE-2024-7418MEDIUMThe Post Grid <= 7.7.11 - Authenticated (Contributor+) Information DisclosureEPSS 0.5%