Weaknesses of type CWE-200

3,943 results
CVE-2024-27884MEDIUMThis issue was addressed with a new entitlement. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2EPSS 0.3%CVE-2025-13006MEDIUMSurveyFunnel – Survey Plugin for WordPress <= 1.1.5 - Unauthenticated Information ExposureEPSS 0.3%CVE-2024-23236MEDIUMA correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to read arbitrary filesEPSS 0.3%CVE-2025-12525MEDIUMLocker Content <= 1.0.0 - Unauthenticated Information ExposureEPSS 0.3%CVE-2025-40757MEDIUMA vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC Series (P2 Ethernet) (All versions), TALON TC SEPSS 0.3%CVE-2025-13494MEDIUMSSP Debug <= 1.0.0 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2021-32007LOWMissing security header: Referrer-Policy URLEPSS 0.3%CVE-2021-25331LOWImproper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreEPSS 0.3%CVE-2024-4220MEDIUMInformation Disclosure in BeyondInsightEPSS 0.3%CVE-2025-13973MEDIUMStickEasy Protected Contact Form <= 1.0.1 - Unauthenticated Information DisclosureEPSS 0.3%CVE-2025-37160MEDIUMAuthenticated Broken Access Control (BAC) in REST API Configuration ServiceEPSS 0.3%CVE-2026-45553HIGHNiceGUI: Local file disclosure via Docutils file insertion in ui.restructured_text()EPSS 0.3%CVE-2025-12141LOWGrafana Alerting Editors can edit destination of webhooks they did not createEPSS 0.3%CVE-2024-23104MEDIUMAn exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNEPSS 0.3%CVE-2024-12575MEDIUMPoll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.8.9 - Unauthenticated Basic Information ExposureEPSS 0.3%CVE-2026-33882MEDIUMStatamic's Markdown preview endpoint exposes sensitive user dataEPSS 0.3%CVE-2025-63662HIGHInsecure permissions in the /api/v1/agents API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access sensitive iEPSS 0.3%CVE-2022-32875MEDIUMA logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, EPSS 0.3%CVE-2025-7368MEDIUMRehub <= 19.9.7 - Unauthenticated Password Protected Post DisclosureEPSS 0.3%CVE-2026-56226HIGHCapgo - Unauthenticated Organization Data Disclosure via get_orgs_v6 RPCEPSS 0.3%