Weaknesses of type CWE-200
3,932 resultsCVE-2026-58027MEDIUMQueryAbuseFilter API can be used to see the hit count of private filters, which is hidden in the UIEPSS 0.4%CVE-2025-30724HIGHVulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Supported versions that are affected are 7.EPSS 0.4%CVE-2023-42666MEDIUMExposure of Sensitive Information to an Unauthorized Actor in DEXMA DEXGateEPSS 0.4%CVE-2025-41230HIGHVMware Cloud Foundation Information Disclosure VulnerabilityEPSS 0.4%CVE-2015-8553MEDIUMXen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and IEPSS 0.4%CVE-2025-14280MEDIUMPixelYourSite <= 11.1.5 - Sensitive Information Exposure via Log FileEPSS 0.4%CVE-2023-47799HIGHMahara before 22.10.4 and 23.x before 23.04.4 allows information disclosure if the experimental HTML bulk export is used via the administratEPSS 0.4%CVE-2025-22961HIGHA critical information disclosure vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters due EPSS 0.4%CVE-2026-7071MEDIUMCodeAstro Online Job Portal user-cvs file information disclosureEPSS 0.4%CVE-2024-40633MEDIUMCustomer data leak via adjustments API endpoint in SyliusEPSS 0.4%CVE-2026-56323HIGHCapgo - Unauthenticated Channel Enumeration and App Oracle via GET /channel_selfEPSS 0.4%CVE-2024-38467HIGHShenzhen Guoxin Synthesis image system before 8.3.0 allows unauthorized user information retrieval via the queryUser API.EPSS 0.4%CVE-2024-23937MEDIUMSilicon Labs Gecko OS Debug Interface Format StringEPSS 0.4%CVE-2025-51040HIGHElectrolink FM/DAB/TV Transmitter Web Management System Unauthorized access vulnerability via the /FrameSetCore.html endpoint in ElectrolinkEPSS 0.4%CVE-2024-20507MEDIUMCisco Meeting Management Information Disclosure VulnerabilityEPSS 0.4%CVE-2025-36601MEDIUMDell PowerScale OneFS, versions 9.5.0.0 through 9.11.0.0, contains an exposure of sensitive information to an unauthorized actor vulnerabiliEPSS 0.4%CVE-2026-31837HIGHIstio JWKS resolver to prevent private key material from being exposed when JWKS fetch fails.EPSS 0.4%CVE-2023-23629MEDIUMMetabase subject to Improper Privilege ManagementEPSS 0.4%CVE-2023-41354MEDIUMChunghwa Telecom NOKIA G-040W-Q - Exposure of Sensitive InformationEPSS 0.4%CVE-2025-14507MEDIUMEventPrime - Events Calendar, Bookings and Tickets <= 4.2.7.0 - Unauthenticated Sensitive Information Exposure via REST APIEPSS 0.4%