Fallos del tipo CWE-200

3928 resultados
CVE-2023-22875HIGHIBM Security QRadar SIEM information disclosureEPSS 0.3%CVE-2026-50870HIGHAn information disclosure vulnerability in the configuration endpoint of Ben Busby whoogle-search v1.2.3 allows attackers to obtain sensitivEPSS 0.3%CVE-2022-45459LOWSensitive information disclosure due to insecure registry permissions. The following products are affected: Acronis Agent (Windows) before bEPSS 0.3%CVE-2026-9612MEDIUMWhatsOrder <= 1.0.1 - Unauthenticated Sensitive Information Exposure via Predictable Invoice File URLsEPSS 0.3%CVE-2026-27611HIGHFileBrowser Quantum: Password Protection Not Enforced on Shared File LinksEPSS 0.3%CVE-2023-24588MEDIUMExposure of sensitive information to an unauthorized actor in firmware for some Intel(R) Optane(TM) SSD products may allow an unauthenticateEPSS 0.3%CVE-2025-66027HIGHRallly Information Disclosure Vulnerability in Participant API Leaks Names and Emails Despite Pro Privacy SettingsEPSS 0.3%CVE-2025-4390MEDIUMWP Private Content Plus <= 3.6.2 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2026-32865CRITICALOPEXUS eComplaint and eCase insecure password resetEPSS 0.3%CVE-2025-15103HIGHDVP-12SE11T - Authentication Bypass via Partial Password DisclosureEPSS 0.3%CVE-2026-29108MEDIUMAuthenticated SuiteCRM Users Can Retrieve The Password Hash of Any UserEPSS 0.3%CVE-2024-45391HIGHTina search token leak via lock file in TinaCMSEPSS 0.3%CVE-2026-5413MEDIUMNewgen OmniDocs GetWebApiConfiguration information disclosureEPSS 0.3%CVE-2025-67732HIGHDify Vulnerable to Plaintext API Key Exposure via Model Provider Configuration EndpointEPSS 0.3%CVE-2023-34242LOWCilium vulnerable to information leakage via incorrect ReferenceGrant handlingEPSS 0.3%CVE-2025-15508MEDIUMMagic Import Document Extractor <= 1.0.6 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2025-49653HIGHExposure of sensitive Information allows account takeoverEPSS 0.3%CVE-2026-49269HIGHApple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run aEPSS 0.3%CVE-2026-27457MEDIUMWeblate: Missing access control for the AddonViewSet API exposes all addon configurationsEPSS 0.3%CVE-2023-48335LOWWordPress Hide login page plugin <= 1.1.9 - Secret Login Page Location Disclosure on Multisites vulnerabilityEPSS 0.3%