Fallos del tipo CWE-200

3929 resultados
CVE-2024-8494MEDIUMElementor Website Builder Pro – More than Just a Page Builder <= 3.25.10 - Authenticated (Contributor+) Sensitive Information Exposure via ShortcodeEPSS 0.3%CVE-2026-33677MEDIUMWebhook BasicAuth Credentials Exposed to Read-Only Project Collaborators via APIEPSS 0.3%CVE-2023-47616LOWA CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8EPSS 0.3%CVE-2025-6722MEDIUMBitFire <= 4.5 - Unauthenticated Information ExposureEPSS 0.3%CVE-2025-61220HIGHThe incomplete verification mechanism in the AutoBizLine com.mysecondline.app 1.2.91 allows attackers to log in as other users and gain unauEPSS 0.3%CVE-2018-0106A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access EPSS 0.3%CVE-2025-60858HIGHReolink Video Doorbell Wi-Fi DB_566128M5MP_W stores and transmits DDNS credentials in plaintext within its configuration and update scripts,EPSS 0.3%CVE-2024-34029MEDIUMAD/LDAP Group Members LeakEPSS 0.3%CVE-2025-30447MEDIUMThe issue was resolved by sanitizing logging. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS SonoEPSS 0.3%CVE-2024-36118LOWUnauthorized viewing of workspace test cases in MeterSphereEPSS 0.3%CVE-2025-52268HIGHStarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which allows attackers to forge or decrypt valid EPSS 0.3%CVE-2025-54323HIGHAn issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, and EPSS 0.3%CVE-2024-11299MEDIUMMemberpress <= 1.11.37 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.3%CVE-2026-42223MEDIUMnginx-ui: Settings API Exposes Protected SecretsEPSS 0.3%CVE-2025-26485MEDIUMA vulnerability in Beta80 Life 1st enables the retrieval of different error messages for failed authentication attempts (in case of the usaEPSS 0.3%CVE-2026-26069CRITICALScraparr Readarr Integration exposes sensitive values as metric labels.EPSS 0.3%CVE-2026-46395CRITICALHAX CMS Vulnerable to Private Key Disclosure via Broken HMAC ImplementationEPSS 0.3%CVE-2026-32270LOWCraft Commerce: Unauthenticated information disclosure in `commerce/payments/pay` can leak some customer order data on anonymous paymentsEPSS 0.3%CVE-2025-68718MEDIUMKAYSUS KS-WR1200 routers with firmware 107 expose SSH and TELNET services on the LAN interface with hardcoded root credentials (root:1234567EPSS 0.3%CVE-2025-24270MEDIUMThis issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4EPSS 0.3%