Weaknesses of type CWE-200
3,910 resultsCVE-2016-10533—express-restify-mongoose is a module to easily create a flexible REST interface for mongoose models. express-restify-mongoose 2.4.2 and earlEPSS 1.4%CVE-2021-3677—A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authentEPSS 1.4%CVE-2023-46288—Apache Airflow: Sensitive parameters exposed in API when "non-sensitive-only" configuration is setEPSS 1.4%CVE-2024-28247HIGHPihole Authenticated Arbitrary File Read with root privilegesEPSS 1.4%CVE-2021-20019—A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead EPSS 1.4%CVE-2023-1263MEDIUMCMP – Coming Soon & Maintenance Plugin by NiteoThemes <= 4.1.6 - Information ExposureEPSS 1.4%CVE-2021-32770HIGHBasic-auth app bundle credential exposure in gatsby-source-wordpressEPSS 1.4%CVE-2021-24167—Web-Stat < 1.4.1 - API Key DisclosureEPSS 1.4%CVE-2019-10195MEDIUMA flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way thEPSS 1.4%CVE-2003-20001MEDIUMAn issue was discovered on Mitel ICP VoIP 3100 devices. When a remote user attempts to log in via TELNET during the login wait time and an eEPSS 1.4%CVE-2022-0654HIGHExposure of Sensitive Information to an Unauthorized Actor in fgribreau/node-request-retryEPSS 1.4%CVE-2023-36043MEDIUMOpen Management Infrastructure Information Disclosure VulnerabilityEPSS 1.4%CVE-2021-32029—A flaw was found in postgresql. Using an UPDATE ... RETURNING command on a purpose-crafted table, an authenticated database user could read EPSS 1.4%CVE-2021-32690MEDIUMRepository credentials passed to alternate domainEPSS 1.4%CVE-2022-31033MEDIUMAuthorization header leak in rubygem MechanizeEPSS 1.4%CVE-2021-31567MEDIUMWordPress Download Monitor plugin <= 4.4.6 - Authenticated Arbitrary File Download vulnerabilityEPSS 1.4%CVE-2018-12594HIGHReliable Controls MACH-ProWebCom 7.80 devices allow remote attackers to obtain sensitive information via a direct request for the data/fileiEPSS 1.4%CVE-2022-34692MEDIUMMicrosoft Exchange Server Information Disclosure VulnerabilityEPSS 1.4%CVE-2025-0481MEDIUMD-Link DIR-878 HTTP POST Request dllog.cgi information disclosureEPSS 1.4%CVE-2019-15583—An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). When anEPSS 1.4%