Fallos del tipo CWE-200

3929 resultados
CVE-2025-24217MEDIUMThis issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15EPSS 0.3%CVE-2026-34984HIGHExternal Secrets Operator has DNS exfiltration via getHostByName in its v2 template engineEPSS 0.3%CVE-2026-33745HIGHcpp-httplib Client Leaks Authentication Credentials to Untrusted Hosts on Cross-Origin HTTP RedirectEPSS 0.3%CVE-2025-12681MEDIUMComment Edit Core – Simple Comment Editing <= 3.1.0 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2026-37454HIGHInsecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via EPSS 0.3%CVE-2026-46912CRITICALVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime Security). Supported versions thatEPSS 0.3%CVE-2024-46894MEDIUMA vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate autEPSS 0.3%CVE-2024-34711CRITICALGeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)EPSS 0.3%CVE-2025-65017HIGHDecidim's private data exports can lead to data leaksEPSS 0.3%CVE-2026-56337MEDIUMCapgo - Information Disclosure via Unauthenticated RPC Function exist_app_v2EPSS 0.3%CVE-2025-61750MEDIUMVulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Supported versions that are affecteEPSS 0.3%CVE-2020-8316MEDIUMA vulnerability was reported in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to read files on the sysEPSS 0.3%CVE-2026-56318MEDIUMCapgo - Information Disclosure via /private/validate_password_compliance EndpointEPSS 0.3%CVE-2024-30106LOWHCL Connections is vulnerable to an information disclosure vulnerabilityEPSS 0.3%CVE-2024-27806MEDIUMThis issue was addressed with improved environment sanitization. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17EPSS 0.3%CVE-2025-24174HIGHThe issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app mEPSS 0.3%CVE-2026-41032HIGHPhoenix Contact: Unauthenticated log download vulnerability in the firmware of CHARX SEC-3xxx charging controllersEPSS 0.3%CVE-2026-27452CRITICALASN.1 TypeScript Library: Decoding an INTEGER could leak the underlying ArrayBufferEPSS 0.3%CVE-2025-14075MEDIUMWP Hotel Booking <= 2.2.7 - Unauthenticated Sensitive Information Exposure via 'email' ParameterEPSS 0.3%CVE-2022-37909MEDIUMAruba has identified certain configurations of ArubaOS that can lead to sensitive information disclosure from the configured ESSIDs. The sceEPSS 0.3%