Weaknesses of type CWE-200
3,933 resultsCVE-2024-22032HIGHRancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpecEPSS 0.4%CVE-2024-40554HIGHAn access control issue in Tmall_demo v2024.07.03 allows attackers to obtain sensitive information.EPSS 0.4%CVE-2026-21626CRITICALExtension - stackideas.com - Information disclosure in post custom fields in EasyDiscuss 1.0.0-5.0.15 for JoomlaEPSS 0.4%CVE-2026-29787MEDIUMmcp-memory-service: System Information Disclosure via Health EndpointEPSS 0.4%CVE-2025-11670MEDIUMNTLM Hash Exposure VulnerabilityEPSS 0.4%CVE-2025-12276MEDIUMLearnHouse Image information disclosureEPSS 0.4%CVE-2025-47417MEDIUMEnable Debug ImagesEPSS 0.4%CVE-2024-8913MEDIUMThe Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 5.6.11 - Authenticated (Contributor+) Sensitive Information Exposure via content_templateEPSS 0.4%CVE-2024-11741MEDIUMGrafana is an open-source platform for monitoring and observability.
The Grafana Alerting VictorOps integration was not properly protected EPSS 0.4%CVE-2025-10607MEDIUMPortabilis i-Educar diarioApi information disclosureEPSS 0.4%CVE-2024-8902MEDIUMElementor Addon Elements <= 1.13.8 - Authenticated (Contributor+) Sensitive Information Exposure via table_saved_sectionsEPSS 0.4%CVE-2025-59260MEDIUMMicrosoft Failover Cluster Virtual Driver Information Disclosure VulnerabilityEPSS 0.4%CVE-2024-39313MEDIUMtoy-blog Improper Input Validation vulnerabilityEPSS 0.4%CVE-2017-12289—A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attEPSS 0.4%CVE-2024-1952LOWMattermost version 8.1.x before 8.1.9 fails to sanitize data associated with permalinks when a plugin updates an ephemeral post, allowing anEPSS 0.4%CVE-2024-12250MEDIUMAccept Authorize.NET Payments Using Contact Form 7 <= 2.2 - Unauthenticated Information ExposureEPSS 0.4%CVE-2026-35452MEDIUMWWBN AVideo has Unauthenticated Information Disclosure via Missing Auth on CloneSite client.log.phpEPSS 0.4%CVE-2026-1170MEDIUMbirkir prime GraphQL API graphql information disclosureEPSS 0.4%CVE-2023-31280MEDIUMExposure of Sensitive Information to an Unauthorized ActorEPSS 0.4%CVE-2023-41749MEDIUMSensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (WindEPSS 0.4%