Weaknesses of type CWE-200
3,929 resultsCVE-2022-3611HIGHAn information disclosure vulnerability has been identified in the Lenovo App Store which may allow some applications to gain unauthorized aEPSS 0.4%CVE-2024-33626MEDIUMThe LevelOne WBR-6012 router contains a vulnerability within its web application that allows unauthenticated disclosure of sensitive informaEPSS 0.4%CVE-2024-5813MEDIUMSSH Private Key Leak in BeyondInsight PasswordSafeEPSS 0.4%CVE-2024-26312MEDIUMArcher Platform 6 before 2024.03 contains a sensitive information disclosure vulnerability. An authenticated attacker could potentially obtaEPSS 0.4%CVE-2022-22447MEDIUMIBM Disconnected Log Collector information disclosureEPSS 0.4%CVE-2024-40597HIGHAn issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. It can expose suppressed information for log events. (The lEPSS 0.4%CVE-2025-60949CRITICALCensus CSWeb leaked configuration filesEPSS 0.4%CVE-2026-42973MEDIUMWindows Push Notification Information Disclosure VulnerabilityEPSS 0.4%CVE-2026-42906MEDIUMWindows Shell Information Disclosure VulnerabilityEPSS 0.4%CVE-2019-10183LOWVirt-install(1) utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interactioEPSS 0.4%CVE-2026-45594MEDIUMWindows Application Identity (AppID) Information Disclosure VulnerabilityEPSS 0.4%CVE-2025-0226MEDIUMTsinghua Unigroup Electronic Archives System downLoad.html download information disclosureEPSS 0.4%CVE-2026-42970MEDIUMWindows Push Notification Information Disclosure VulnerabilityEPSS 0.4%CVE-2024-29885MEDIUMReports are still accessible even when `canView()` returns false in silverstripe/reportsEPSS 0.4%CVE-2025-21626MEDIUMGLPI vulnerable to exposure of sensitive information in the `status.php` endpointEPSS 0.4%CVE-2024-7417MEDIUMRoyal Elementor Addons and Templates <= 1.3.986 - Authenticated (Subscriber+) Private Post DisclosureEPSS 0.4%CVE-2024-7554MEDIUMExposure of Sensitive Information to an Unauthorized Actor in GitLabEPSS 0.4%CVE-2024-10329MEDIUMUltimate Bootstrap Elements for Elementor <= 1.4.6 - Authenticated (Contributor+) Sensitive Information ExposureEPSS 0.4%CVE-2026-39412MEDIUMLiquidJS has an ownPropertyOnly bypass via sort_natural filter — prototype property information disclosure through sorting side-channelEPSS 0.4%CVE-2026-46726HIGHApache Camel Vertx Websocket: The inbound consumer maps externally-supplied WebSocket query and path parameters into the Exchange without a HeaderFilterStrategy, allowing injection of Camel control headersEPSS 0.4%