Fallos del tipo CWE-200
3932 resultadosCVE-2026-12408MEDIUMSlim SEO <= 4.9.8 - Authenticated (Contributor+) Insufficient Authorization to Private Content Disclosure via 'object.ID' ParameterEPSS 0.3%CVE-2026-43885HIGHWWBN AVideo: Exposure of Sensitive Information to an Unauthorized Actor and Missing AuthorizationEPSS 0.3%CVE-2025-30463MEDIUMThe issue was addressed with improved restriction of data container access. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 1EPSS 0.3%CVE-2025-12770MEDIUMNew User Approve <= 3.0.9 - Unauthenticated Sensitive Information Disclosure via Type JugglingEPSS 0.3%CVE-2020-13481MEDIUMCertain Lexmark products through 2020-05-25 allow XSS which allows an attacker to obtain session credentials and other sensitive informationEPSS 0.3%CVE-2025-12525MEDIUMLocker Content <= 1.0.0 - Unauthenticated Information ExposureEPSS 0.3%CVE-2024-31799MEDIUMInformation Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via thEPSS 0.3%CVE-2021-25331LOWImproper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreEPSS 0.3%CVE-2025-13494MEDIUMSSP Debug <= 1.0.0 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2024-23236MEDIUMA correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to read arbitrary filesEPSS 0.3%CVE-2021-25332LOWImproper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to contacts information over the lockscrEPSS 0.3%CVE-2024-27884MEDIUMThis issue was addressed with a new entitlement. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.2EPSS 0.3%CVE-2026-6347HIGHMattermost Calls plugin exposes TURN server credentials in plaintext in support packetsEPSS 0.3%CVE-2025-40757MEDIUMA vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC Series (P2 Ethernet) (All versions), TALON TC SEPSS 0.3%CVE-2025-13006MEDIUMSurveyFunnel – Survey Plugin for WordPress <= 1.1.5 - Unauthenticated Information ExposureEPSS 0.3%CVE-2021-25333LOWImproper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized access to balance information over the lockscreEPSS 0.3%CVE-2024-4220MEDIUMInformation Disclosure in BeyondInsightEPSS 0.3%CVE-2025-12141LOWGrafana Alerting Editors can edit destination of webhooks they did not createEPSS 0.3%CVE-2026-33882MEDIUMStatamic's Markdown preview endpoint exposes sensitive user dataEPSS 0.3%CVE-2025-13973MEDIUMStickEasy Protected Contact Form <= 1.0.1 - Unauthenticated Information DisclosureEPSS 0.3%