Fallos del tipo CWE-200

3929 resultados
CVE-2022-43539MEDIUM A vulnerability exists in the ClearPass Policy Manager cluster communications that allow for an attacker in a privileged network position tEPSS 0.3%CVE-2025-8866MEDIUMYugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attackEPSS 0.3%CVE-2025-20383MEDIUMImproper access control through push notifications for reports and alerts in Splunk Secure Gateway appEPSS 0.3%CVE-2025-29628CRITICALA Gardyn Azure IoT Hub connection string is downloaded over an insecure HTTP connection in Gardyn Home Kit firmware before master.619, Home EPSS 0.3%CVE-2022-34674MEDIUMNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical paEPSS 0.3%CVE-2026-46443HIGHFlowise: Credential Data LeakEPSS 0.3%CVE-2023-24012HIGHData Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Open DDSEPSS 0.3%CVE-2025-3628MEDIUMMoodle: moodle assignment submission search leaks anonymous student identitiesEPSS 0.3%CVE-2025-11379MEDIUMWebP Express <= 0.25.9 - Unauthenticated Information ExposureEPSS 0.3%CVE-2025-9987MEDIUMBroadstreet <= 1.53.1 - Authenticated (Subscriber+) Information DisclosureEPSS 0.3%CVE-2026-47124MEDIUMNezha WebSocket server stream discloses cross-tenant server telemetry to authenticated membersEPSS 0.3%CVE-2026-55994HIGHApache Camel Iggy: The inbound consumer maps externally-supplied Iggy message user-headers into the Exchange without a HeaderFilterStrategy, allowing injection of Camel control headers - enabling control over internal behaviourEPSS 0.3%CVE-2025-54345HIGHAn issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. Sensitive Information is exposed to an EPSS 0.3%CVE-2025-12784MEDIUMCertain HP LaserJet Pro Printers – Potential Information DisclosureEPSS 0.3%CVE-2022-42815MEDIUMThis issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitiveEPSS 0.3%CVE-2024-52975CRITICALFleet Server sensitive information exposure via logsEPSS 0.3%CVE-2024-36121MEDIUM netty-incubator-codec-ohttp's BoringSSLAEADContext Repeats NoncesEPSS 0.3%CVE-2020-14329A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /api/v2/labels/ endpoEPSS 0.3%CVE-2026-1407LOWBeetel 777VR1 UART information disclosureEPSS 0.3%CVE-2026-55792MEDIUMCraft CMS: Sensitive File Disclosure / Server-Side File ReadEPSS 0.3%