Weaknesses of type CWE-200
3,951 resultsCVE-2025-64324HIGHKubeVirt Vulnerable to Arbitrary Host File Read and WriteEPSS 0.2%CVE-2022-32896—This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. A user may be able toEPSS 0.2%CVE-2026-34947LOWDiscourse: Staged user custom fields are exposed on public invite pagesEPSS 0.2%CVE-2026-47263MEDIUMDiscourse: Prevent webhook payload disclosure on event redeliveryEPSS 0.2%CVE-2023-39393—Vulnerability of insecure signatures in the ServiceWifiResources module. Successful exploitation of this vulnerability may cause ServiceWifiEPSS 0.2%CVE-2026-9183MEDIUM24liveblog <= 2.2 - Authenticated (Contributor+) Exposure of Sensitive Information via Block Editor Script LocalizationEPSS 0.2%CVE-2025-65278HIGHAn issue was discovered in file users.json in GroceryMart commit 21934e6 (2020-10-23) allowing unauthenticated attackers to gain sensitive iEPSS 0.2%CVE-2026-28820MEDIUMThis issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data.EPSS 0.2%CVE-2025-64705LOWFrappe user was able to access the submission of other studentsEPSS 0.2%CVE-2025-43246MEDIUMThis issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access EPSS 0.2%CVE-2026-9929MEDIUMInappropriate implementation in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin datEPSS 0.2%CVE-2024-54547MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app mEPSS 0.2%CVE-2022-34312MEDIUMIBM CICS TX information disclosureEPSS 0.2%CVE-2022-41954LOWTemporary File Information Disclosure VulnerabilityEPSS 0.2%CVE-2025-11377MEDIUMList category posts <= 0.92.0 - Authenticated (Contributor+) Information ExposureEPSS 0.2%CVE-2024-52966LOWAn exposure of sensitive information to an unauthorized actor in Fortinet FortiAnalyzer 6.4.0 through 7.6.0 allows attacker to cause informaEPSS 0.2%CVE-2025-54971LOWAn exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiADC 7.4.0, FortiADC 7.2 all versions, FortiADC EPSS 0.2%CVE-2025-25946MEDIUMAn issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specifically in AP4_MarlinIpEPSS 0.2%CVE-2024-3716MEDIUMForeman-installer: candlepin database password being leaked to local users via the process listEPSS 0.2%CVE-2023-25722MEDIUMA credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when cEPSS 0.2%