Weaknesses of type CWE-200

3,933 results
CVE-2025-14507MEDIUMEventPrime - Events Calendar, Bookings and Tickets <= 4.2.7.0 - Unauthenticated Sensitive Information Exposure via REST APIEPSS 0.4%CVE-2025-36601MEDIUMDell PowerScale OneFS, versions 9.5.0.0 through 9.11.0.0, contains an exposure of sensitive information to an unauthorized actor vulnerabiliEPSS 0.4%CVE-2017-15112keycloak-httpd-client-install versions before 0.8 allow users to insecurely pass password through command line, leaking it via command histoEPSS 0.4%CVE-2024-55946HIGHPlayloom Engine Data Storage VulnerabilityEPSS 0.4%CVE-2023-41354MEDIUMChunghwa Telecom NOKIA G-040W-Q - Exposure of Sensitive InformationEPSS 0.4%CVE-2023-28900MEDIUMNickname Disclosure on the Backend Automotive ServerEPSS 0.4%CVE-2023-5516MEDIUM Poorly constructed webap requests and URI components with special characters trigger unhandled errors and exceptions, disclosing informatioEPSS 0.4%CVE-2023-5515MEDIUM The responses for web queries with certain parameters disclose internal path of resources. This information can be used to learn internal sEPSS 0.4%CVE-2026-30244HIGHPlane: Unauthenticated Workspace Member Information DisclosureEPSS 0.4%CVE-2025-8091MEDIUMEventON Lite <= 2.4.7 - Authenticated (Contributor+) Information DisclosureEPSS 0.4%CVE-2023-4230MEDIUMioLogik 4000 Series: Server Banner Information DisclosureEPSS 0.4%CVE-2026-7526MEDIUMPDF Embedder <= 4.9.3 - Authenticated (Contributor+) Information Exposure via Block Editor PageEPSS 0.4%CVE-2025-53036HIGHVulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (comEPSS 0.4%CVE-2024-33753HIGHSection Camera V2.5.5.3116-S50-SMA-B20160811 and earlier versions allow the accounts and passwords of administrators and users to be changedEPSS 0.4%CVE-2024-31464MEDIUMXWiki Platform: Password hash might be leaked by diff once the xobject holding them is deletedEPSS 0.4%CVE-2025-0659HIGHPath Traversal and Rockwell Automation Third-party Vulnerability in DataMosaix™ Private CloudEPSS 0.4%CVE-2022-41913MEDIUMDiscourse-calendar exposes members of hidden groupsEPSS 0.4%CVE-2024-20904MEDIUMVulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Pod Admin). Supported versionsEPSS 0.4%CVE-2024-20937MEDIUMVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics SEC). Supported verEPSS 0.4%CVE-2025-0441MEDIUMInappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitEPSS 0.4%