Weaknesses of type CWE-200
3,932 resultsCVE-2024-34696MEDIUM GeoServer's Server Status shows sensitive environmental variables and Java propertiesEPSS 0.4%CVE-2025-3966MEDIUMitwanger paicoding Browsing History home information disclosureEPSS 0.4%CVE-2024-32131MEDIUMWordPress Download Manager plugin <= 3.2.82 - File Password Lock Bypass vulnerabilityEPSS 0.4%CVE-2024-35341HIGHCertain Anpviz products allow unauthenticated users to download the running configuration of the device via a HTTP GET request to /ConfigFilEPSS 0.4%CVE-2024-6544MEDIUMCustom Post Limits <= 4.4.1 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2024-6455MEDIUMElementsKit Elementor addons <= 3.2.0 - Unauthenticated Information Exposure via ekit_widgetarea_content FunctionEPSS 0.4%CVE-2025-6593LOW"{{SITENAME}} registered email address has been changed" email sent to unverified email addressesEPSS 0.4%CVE-2023-27317MEDIUMInformation Disclosure Vulnerability in ONTAP 9 EPSS 0.4%CVE-2024-13613HIGHWise Chat <= 3.3.3 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.4%CVE-2023-41893MEDIUMAccount takeover via auth_callback login in Home Assistant CoreEPSS 0.4%CVE-2025-59184MEDIUMStorage Spaces Direct Information Disclosure VulnerabilityEPSS 0.4%CVE-2025-59188MEDIUMMicrosoft Failover Cluster Information Disclosure VulnerabilityEPSS 0.4%CVE-2023-43993MEDIUMAn issue in smaregi_app_market mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel EPSS 0.4%CVE-2022-48514—The Sepolicy module has inappropriate permission control on the use of Netlink.Successful exploitation of this vulnerability may affect confEPSS 0.4%CVE-2026-43646HIGHApache Wicket: crafted URLs can bypass PackageResourceGuardEPSS 0.4%CVE-2024-13640MEDIUMPrint Invoice & Delivery Notes for WooCommerce <= 5.4.1 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.4%CVE-2025-4222MEDIUMDatabase Toolset <= 1.8.4 - Unauthenticated Sensitive Information Exposure via Backup FilesEPSS 0.4%CVE-2025-65820CRITICALAn issue was discovered in Meatmeet Android Mobile Application 1.1.2.0. An exported activity can be spawned with the mobile application whicEPSS 0.4%CVE-2022-46310HIGHThe TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data confidentEPSS 0.4%CVE-2023-43996MEDIUMAn issue in Q co ltd mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access tokEPSS 0.4%