Weaknesses of type CWE-200
3,933 resultsCVE-2025-12297MEDIUMatjiu pybbs UserApiController.java information disclosureEPSS 0.3%CVE-2025-23073LOWAPI list=globalblocks can reveal IP of autoblock if username and IP are included in the bgtargets parameterEPSS 0.3%CVE-2026-45091CRITICALsealed-env: TOTP secret embedded in unseal token payload (enterprise mode)EPSS 0.3%CVE-2026-40490MEDIUMAsyncHttpClient leaks authorization credentials to untrusted domains on cross-origin redirectsEPSS 0.3%CVE-2024-28164MEDIUMInformation Disclosure vulnerability in SAP NetWeaver AS Java (Guided Procedures)EPSS 0.3%CVE-2026-42151HIGHPrometheus Azure AD remote write OAuth client secret exposed via config APIEPSS 0.3%CVE-2024-37991MEDIUMA vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6EPSS 0.3%CVE-2020-3541MEDIUMCisco Webex Meetings Client for Windows, Webex Meetings Desktop App, and Webex Teams Information Disclosure VulnerabilityEPSS 0.3%CVE-2026-25125MEDIUMOctober CMS: Environment Variable Exfiltration via INI Parser InterpolationEPSS 0.3%CVE-2025-13765MEDIUMExposure of email service credentials to users without administrative rights in Devolutions Server.This issue affects Devolutions Server: beEPSS 0.3%CVE-2017-12315—A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local aEPSS 0.3%CVE-2025-8676MEDIUMB Slider - Gutenberg Slider Block for WP <= 2.0.0 - Authenticated (Subscriber+) Sensitive Information ExposureEPSS 0.3%CVE-2023-24010HIGHData Distribution Service (DDS) Chain of Trust (CoT) violation in Fast DDSEPSS 0.3%CVE-2023-38245MEDIUMAdobe Acrobat Reader DC ActiveX Control (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Hash Theft VulnerabilityEPSS 0.3%CVE-2020-37114MEDIUMGUnet OpenEclass 1.7.3 E-learning platform - Information DisclosureEPSS 0.3%CVE-2025-6590MEDIUMComplete content leak of private wikis due to PasswordReset Wikitext injection in error messageEPSS 0.3%CVE-2026-2295MEDIUMWPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_moreEPSS 0.3%CVE-2026-34905MEDIUMApache Answer: Unlisted Questions Accessible via Direct API AccessEPSS 0.3%CVE-2026-34297HIGHVulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component: Knowledge Integration). Supported versioEPSS 0.3%CVE-2026-8965HIGHInformation disclosure in the DOM: Security componentEPSS 0.3%