Weaknesses of type CWE-200

3,933 results
CVE-2023-43123Apache Storm: Local Information Disclosure Vulnerability in Storm-core on Unix-Like systems due temporary filesEPSS 0.3%CVE-2025-25195MEDIUMZulip events can leak private channel namesEPSS 0.3%CVE-2025-30352MEDIUMDirectus `search` query parameter allows enumeration of non permitted fieldsEPSS 0.3%CVE-2024-39807LOWChannel IDs of archived/restored channels leaked via webhook eventsEPSS 0.3%CVE-2024-35682MEDIUMWordPress Otter Blocks PRO plugin <= 2.6.11 - Authenticated Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2025-25333HIGHAn issue in IKEA CN iOS 4.13.0 allows attackers to access sensitive user information via supplying a crafted link.EPSS 0.3%CVE-2021-27908MEDIUMIn all versions prior to Mautic 3.3.2, secret parameters such as database credentials could be exposed publicly by an authorized admin user EPSS 0.3%CVE-2026-30846HIGHWekan Exposes All Global Webhook Integrations through globalwebhooks PublicationEPSS 0.3%CVE-2025-22956CRITICALOPSI before 4.3 allows any client to retrieve any ProductPropertyState, including those of other clients. This can lead to privilege escalatEPSS 0.3%CVE-2024-34754MEDIUMWordPress Contact Form Widget plugin <= 1.3.9 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2025-46659HIGHAn issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can occur via an external HTTPS request.EPSS 0.3%CVE-2026-32265MEDIUMAmazon S3 for Craft CMS has an Information Disclosure vulnerabilityEPSS 0.3%CVE-2024-6551MEDIUMGiveWP <= 3.15.1 - Unauthenticated Full Path DisclosureEPSS 0.3%CVE-2026-32266LOWGoogle Cloud Storage for Craft CMS has an Information Disclosure VulnerabilityEPSS 0.3%CVE-2024-10084MEDIUMContact Form 7 – Dynamic Text Extension <= 4.5 - Information Disclosure via ShortcodeEPSS 0.3%CVE-2026-7382MEDIUMInformation Disclosure in MeWare Software's PDKSEPSS 0.3%CVE-2025-68279HIGHWeblate has an arbitrary file read via symbolic linksEPSS 0.3%CVE-2021-43937HIGHElcomplus SmartPTT SCADA Server Cross-site Request ForgeryEPSS 0.3%CVE-2026-20800MEDIUMNotification API Leaks Private Repository Issue Titles After Collaborator Permission RevocationEPSS 0.3%CVE-2025-53003HIGHJanssen Config API returns results without scope verificationEPSS 0.3%