Weaknesses of type CWE-200

3,929 results
CVE-2023-29111LOWInformation Disclosure vulnerability in SAP Application Interface Framework (ODATA service)EPSS 0.4%CVE-2026-25222MEDIUMPolarLearn Affected by User Enumeration via Argon2 Timing Attack on Sign-In EndpointEPSS 0.4%CVE-2024-3505MEDIUMJFrog Self-Hosted Artifactory Proxy configuration accessible to low-privilege usersEPSS 0.4%CVE-2022-20955MEDIUMCisco TelePresence Collaboration Endpoint and RoomOS Software VulnerabilitiesEPSS 0.4%CVE-2022-20954MEDIUMCisco TelePresence Collaboration Endpoint and RoomOS Software VulnerabilitiesEPSS 0.4%CVE-2024-52280HIGHUsers can issue watch commands for arbitrary resourcesEPSS 0.4%CVE-2026-27161HIGHUnauthenticated Information Disclosure via .htaccess Reliance in Sensitive DirectoriesEPSS 0.4%CVE-2024-13525MEDIUMCustomer Email Verification for WooCommerce <= 2.9.4 - Authenticated (Contributor+) Sensitive Information ExposureEPSS 0.4%CVE-2023-38494MEDIUMThe cloud version of the MeterSphere interface leaks some sensitive data without authenticationEPSS 0.4%CVE-2026-7041MEDIUM666ghj MiroFish Werkzeug Debugger PIN console information disclosureEPSS 0.4%CVE-2023-28357MEDIUMA vulnerability has been identified in Rocket.Chat, where the ACL checks in the Slash Command /mute occur after checking whether a user is aEPSS 0.4%CVE-2022-31746MEDIUMInternal URLs are protected by a secret UUID key, which could have been leaked to web page through the Referrer header. This vulnerability aEPSS 0.4%CVE-2025-49184HIGHInformation disclosure to unauthorized userEPSS 0.4%CVE-2026-2975MEDIUMFastApiAdmin Custom Documentation Endpoint init_app.py reset_api_docs information disclosureEPSS 0.4%CVE-2025-43449HIGHThe issue was addressed with improved handling of caches. This issue is fixed in iOS 26.1 and iPadOS 26.1. A malicious app may be able to trEPSS 0.4%CVE-2024-55951MEDIUMMetabase sandboxed users could see filter values from other sandboxed usersEPSS 0.4%CVE-2026-0883MEDIUMInformation disclosure in the Networking componentEPSS 0.4%CVE-2024-3228MEDIUMSocial Sharing Plugin – Kiwi <= 2.1.7 - Information DisclosureEPSS 0.4%CVE-2026-55447CRITICALLangflow: BaseFileComponent-based nodes arbitrary file read with RCE exploitEPSS 0.4%CVE-2026-24498MEDIUMExposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX200EPSS 0.4%