Fallos del tipo CWE-200
3928 resultadosCVE-2026-40490MEDIUMAsyncHttpClient leaks authorization credentials to untrusted domains on cross-origin redirectsEPSS 0.3%CVE-2023-38245MEDIUMAdobe Acrobat Reader DC ActiveX Control (AxAcroPDFLib.AxAcroPDF) src NTLMv2 SSO Hash Theft VulnerabilityEPSS 0.3%CVE-2024-28164MEDIUMInformation Disclosure vulnerability in SAP NetWeaver AS Java (Guided Procedures)EPSS 0.3%CVE-2026-45091CRITICALsealed-env: TOTP secret embedded in unseal token payload (enterprise mode)EPSS 0.3%CVE-2026-2295MEDIUMWPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_moreEPSS 0.3%CVE-2026-34905MEDIUMApache Answer: Unlisted Questions Accessible via Direct API AccessEPSS 0.3%CVE-2025-6590MEDIUMComplete content leak of private wikis due to PasswordReset Wikitext injection in error messageEPSS 0.3%CVE-2026-8965HIGHInformation disclosure in the DOM: Security componentEPSS 0.3%CVE-2026-34297HIGHVulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component: Knowledge Integration). Supported versioEPSS 0.3%CVE-2023-34442—Apache Camel JIRA: Temporary file information disclosure in Camel-JiraEPSS 0.3%CVE-2026-28920MEDIUMAn information leakage was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26EPSS 0.3%CVE-2025-14464MEDIUMPDF Resume Parser <= 1.0 - Unauthenticated Sensitive Information Disclosure in SMTP CredentialsEPSS 0.3%CVE-2026-33220MEDIUMWeblate: JavaScript localization CDN add-on allows arbitrary local file read outside the repositoryEPSS 0.3%CVE-2024-58256MEDIUMEnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution.EPSS 0.3%CVE-2019-5641LOWRapid7 InsightVM Information Disclosure after LogoutEPSS 0.3%CVE-2025-59833HIGHFlagForgeCTF Hint Exposure via APIEPSS 0.3%CVE-2025-5064MEDIUMInappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin EPSS 0.3%CVE-2025-59535MEDIUMDotNetNuke.Core allows loading of unused themes on anonymous clients through query parametersEPSS 0.3%CVE-2026-28492HIGHFile Browser: Path Traversal in Public Share Links Exposes Files Outside Shared DirectoryEPSS 0.3%CVE-2025-29489MEDIUMlibming v0.4.8 was discovered to contain a memory leak via the parseSWF_MORPHLINESTYLES function.EPSS 0.3%