Weaknesses of type CWE-200
3,953 resultsCVE-2021-21590MEDIUMDell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local maliciouEPSS 0.2%CVE-2021-21591MEDIUMDell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local maliciouEPSS 0.2%CVE-2025-13821MEDIUMUser profile update exposes password hash and MFA secretsEPSS 0.2%CVE-2025-46294MEDIUMTo enhance security, the FileMaker Server 22.0.4 installer now includes an option to disable IIS short filename enumeration by setting NtfsDEPSS 0.2%CVE-2026-53467MEDIUMImageMagick: Information Disclosure in MNG decoder because allocated memory is left unchangedEPSS 0.2%CVE-2024-42209LOWHCL Connections is vulnerable to an information disclosure vulnerabilityEPSS 0.2%CVE-2026-32142MEDIUMshopware/commercial: `/api/_info/config` route exposes information about licensesEPSS 0.2%CVE-2025-43530MEDIUMThis issue was addressed with improved checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, macOS Sequoia 15.7.3, macOS Sonoma 14.8.EPSS 0.2%CVE-2025-6461MEDIUMCubeWP – All-in-One Dynamic Content Framework <= 1.1.27 - Unauthenticated Post Disclosure in class-cubewp-search-ajax-hooks.phpEPSS 0.2%CVE-2025-43378MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may beEPSS 0.2%CVE-2023-40411MEDIUMThis issue was addressed with improved data protection. This issue is fixed in macOS Sonoma 14. An app may be able to access user-sensitive EPSS 0.2%CVE-2023-0238LOWInjecting Activity Loads in WARP Mobile ClientEPSS 0.2%CVE-2023-41987MEDIUMThis issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be able to access sensitive user data.EPSS 0.2%CVE-2025-9908MEDIUMEvent-driven-ansible: sensitive internal headers disclosure in aap eda event streamsEPSS 0.2%CVE-2026-56244HIGHCapgo - Webhook Signing Secret Disclosure via Non-Admin API KeyEPSS 0.2%CVE-2024-20920LOWVulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. EasilEPSS 0.2%CVE-2022-43901MEDIUMIBM WebSphere Automation for IBM Cloud Pak for Watson AIOps information disclosureEPSS 0.2%CVE-2026-42873NONEWeGIA: Error Handling Upload DocDependenteEPSS 0.2%CVE-2026-9955MEDIUMInappropriate implementation in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via EPSS 0.2%CVE-2026-6392LOWTanium addressed an information disclosure vulnerability in Threat Response.EPSS 0.2%