Weaknesses of type CWE-200

3,929 results
CVE-2025-20232MEDIUMRisky Command Safeguards Bypass in “/app/search/search“ endpoint through “s“ parameter in Splunk EnterpriseEPSS 0.4%CVE-2023-46701MEDIUMInaccessible Post Information Leak via Run Timeline IDOREPSS 0.4%CVE-2023-52126MEDIUMWordPress Send Users Email Plugin <= 1.4.3 is vulnerable to Sensitive Data ExposureEPSS 0.4%CVE-2025-24373MEDIUMUnrestricted Access to PDF Documents via URL Manipulation in woocommerce-pdf-invoices-packing-slipsEPSS 0.4%CVE-2024-12140MEDIUMElementor AI Addons – 70 Widgets, Premium Templates, Ultimate Elements <= 2.2.1 - Authenticated (Contributor+) Private Templates Content DisclosureEPSS 0.4%CVE-2025-20226MEDIUMRisky command safeguards bypass in “/services/streams/search“ endpoint through “q“ parameter in Splunk EnterpriseEPSS 0.4%CVE-2023-50324MEDIUMIBM Cognos Command Center information disclosureEPSS 0.4%CVE-2025-61780MEDIUMRack has Possible Information Disclosure VulnerabilityEPSS 0.4%CVE-2024-6574MEDIUMLaposta <= 1.12 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2025-3978MEDIUMdazhouda lecms user_set.htm information disclosureEPSS 0.4%CVE-2026-47340MEDIUMApache DolphinScheduler: An incorrect authorization vulnerability allows authenticated users to access alert instances associated with alert groups they do not have permission to access.EPSS 0.4%CVE-2025-8525MEDIUMExrick xboot Spring Boot Admin/Spring Actuator information disclosureEPSS 0.4%CVE-2025-5436MEDIUMMultilaser Sirius RE016 cstecgi.cgi information disclosureEPSS 0.4%CVE-2024-4837MEDIUMTrust Boundary Violation VulnerabilityEPSS 0.4%CVE-2024-54134HIGH@solana/web3.js modified package published to npm, containing malware that exfiltrates private key materialEPSS 0.4%CVE-2024-22301MEDIUMWordPress Albo Pretorio Online Plugin <= 4.6.6 is vulnerable to Sensitive Data ExposureEPSS 0.4%CVE-2025-70829MEDIUMAn information exposure vulnerability in Datart v1.0.0-rc.3 allows authenticated attackers to access sensitive data via a custom H2 JDBC conEPSS 0.4%CVE-2025-15121MEDIUMJeecgBoot getDeptRoleByUserId information disclosureEPSS 0.4%CVE-2025-25281HIGHOutback Power Mojave Inverter Exposure of Sensitive Information to an Unauthorized ActorEPSS 0.4%CVE-2026-58033MEDIUM"Total number of distinct authors" statistic at action=info does not exclude revisions where the author name was deletedEPSS 0.4%