Falhas do tipo CWE-201
333 resultadosCVE-2022-27671—A CSRF token visible in the URL may possibly lead to information disclosure vulnerability.EPSS 1.2%CVE-2021-32653LOWDefault settings leak federated cloud ID to lookup server of all usersEPSS 1.2%CVE-2024-50378MEDIUMApache Airflow: Secrets not masked in UI when sensitive variables are set via Airflow cliEPSS 1.2%CVE-2025-62039HIGHWordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.6.6 - Sensitive Data Exposure vulnerabilityEPSS 1.2%CVE-2023-34968MEDIUMSamba: spotlight server-side share path disclosureEPSS 1.2%CVE-2024-37881MEDIUMSiteGuard WP Plugin provides a functionality to customize the path to the login page wp-login.php and implements a measure to avoid redirectEPSS 1.2%CVE-2021-1129MEDIUMCisco Email Security Appliance, Cisco Content Security Management Appliance, and Cisco Web Security Appliance Information Disclosure VulnerabilityEPSS 1.1%CVE-2019-15580—An information exposure vulnerability exists in gitlab.com <v12.3.2, <v12.2.6, and <v12.1.10 when using the blocking merge request feature, EPSS 1.1%CVE-2020-27133CRITICALCisco Jabber Desktop and Mobile Client Software VulnerabilitiesEPSS 1.1%CVE-2024-43283MEDIUMWordPress Contest Gallery plugin <= 23.1.2 - Unauthenticated Comment UserID And IP address Disclosure vulnerabilityEPSS 1.1%CVE-2020-8975HIGHZGR TPS200 NG Information ExposureEPSS 1.0%CVE-2020-5364MEDIUMDell EMC Isilon OneFS versions 8.2.2 and earlier contain an SNMPv2 vulnerability. The SNMPv2 services is enabled, by default, with a pre-conEPSS 1.0%CVE-2025-24582MEDIUMWordPress 12 Step Meeting List plugin <= 3.16.5 - Sensitive Data Exposure vulnerabilityEPSS 0.9%CVE-2020-1774MEDIUMInformation disclosureEPSS 0.9%CVE-2020-13597MEDIUMCalico nodes IPv6 traffic redirection from route advertismentEPSS 0.9%CVE-2024-32782MEDIUMWordPress HT Mega plugin <= 2.4.7 - Sensitive Data Exposure vulnerabilityEPSS 0.9%CVE-2025-26318MEDIUMhb.exe in TSplus Remote Access before 17.30 2024-10-30 allows remote attackers to retrieve a list of all domain accounts currently connectedEPSS 0.8%CVE-2022-0018MEDIUMGlobalProtect App: Information Exposure Vulnerability When Connecting to GlobalProtect Portal With Single Sign-On EnabledEPSS 0.7%CVE-2023-48240CRITICALXWiki Platform sends cookies to external images in rendered diff and is vulnerable to server side request forgeryEPSS 0.7%CVE-2020-37150HIGHEdimax Technology EW-7438RPn-v3 Mini 1.27 - Unauthorized Access: Wi-Fi Password DisclosureEPSS 0.7%