Weaknesses of type CWE-359
187 resultsCVE-2022-2921HIGHExposure of Private Personal Information to an Unauthorized Actor in notrinos/notrinoserpEPSS 1.1%CVE-2025-43227HIGHThis issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6EPSS 1.1%CVE-2022-35932LOWMissing rate limit when trying to join a password protected Nextcloud Talk conversationEPSS 1.1%CVE-2022-24820MEDIUMUnauthenticated user can list hidden document from multiple velocity templatesEPSS 1.0%CVE-2024-40796MEDIUMA privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macEPSS 0.9%CVE-2021-21823MEDIUMAn information disclosure vulnerability exists in the Friend finder functionality of GmbH Komoot version 10.26.9 up to 11.1.11. A specially EPSS 0.9%CVE-2022-20942MEDIUMA vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA), Cisco Secure Email and Web Manager, and CiscoEPSS 0.9%CVE-2022-24890LOWExposure of Private Personal Information to an Unauthorized Actor in Nextcloud TalkEPSS 0.9%CVE-2023-44156MEDIUMSensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) beforeEPSS 0.9%CVE-2024-27881MEDIUMA privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.7.6, macOS SonoEPSS 0.8%CVE-2023-26041LOWNextcloud Talk messages can still be seen on conversation after expiring when cron is misconfiguredEPSS 0.8%CVE-2022-24719LOWUnauthorized forwarding of confidential headers in fluture-nodeEPSS 0.8%CVE-2023-22918MEDIUMA post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEEPSS 0.8%CVE-2025-0683HIGHExposure of Private Personal Information to an Unauthorized Actor vulnerability in Contec Health CMS8000 Patient MonitorEPSS 0.8%CVE-2022-41971MEDIUMNextcloud Talk guests can continue to receive video streams from call after being removed from a conversationEPSS 0.8%CVE-2025-51586LOWAn issue was discoverd in file controllers/admin/AdminLoginController.php in PrestaShop before 8.2.1 allowing attackers to gain sensitive inEPSS 0.8%CVE-2025-12536MEDIUMSureForms <= 1.13.1 - Missing Authorization to Unauthenticated Sensitive Information ExposureEPSS 0.7%CVE-2025-34441MEDIUMAVideo < 20.1 User Information Disclosure via Public APIEPSS 0.7%CVE-2022-41936MEDIUMExposure of Private Personal Information to an Unauthorized Actor in xwiki-platform-rest-serverEPSS 0.7%CVE-2023-35151HIGHXWiki Platform may show email addresses in clear in REST resultsEPSS 0.7%