Fallos del tipo CWE-200

3932 resultados
CVE-2023-2820MEDIUMAn information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be uEPSS 0.3%CVE-2025-20377MEDIUMCisco Unified Intelligence Center API Information Disclosure VulnerabilityEPSS 0.3%CVE-2026-40908MEDIUMWWBN AVideo has an Unauthenticated Information Disclosure via git.json.php that Exposes Developer Emails and Deployed VersionEPSS 0.3%CVE-2026-2747MEDIUMPGP Mixed Plaintext and Encrypted ContentEPSS 0.3%CVE-2024-42208LOWHCL Connections is vulnerable to an information disclosure vulnerabilityEPSS 0.3%CVE-2025-12147MEDIUMUnauthorized access to fields protected by Field-Level Security (FLS) when those fields are members of an objectEPSS 0.3%CVE-2026-2803HIGHInformation disclosure, mitigation bypass in the Settings UI componentEPSS 0.3%CVE-2026-34273MEDIUMVulnerability in Oracle GoldenGate (component: Libraries). Supported versions that are affected are 23.4-23.10. Easily exploitable vulnerabEPSS 0.3%CVE-2025-12148MEDIUMUnauthorized access to fields protected by Field Masking (FM) for fields of type IPEPSS 0.3%CVE-2026-6826MEDIUMConcrete 9.5.0 and below has file usage disclosure via missing permission check in Usage controllerEPSS 0.3%CVE-2025-6425MEDIUMThe WebCompat WebExtension shipped with Firefox exposed a persistent UUIDEPSS 0.2%CVE-2025-30435MEDIUMThis issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.4. A sandboxed app may beEPSS 0.2%CVE-2025-26711MEDIUMThere is an unauthorized access vulnerability in ZTE T5400. Due to improper permission control of the Web module interface, an unauthorized EPSS 0.2%CVE-2025-11794MEDIUMPassword hash and MFA secret returned in user email verification endpointEPSS 0.2%CVE-2020-14335A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flEPSS 0.2%CVE-2025-12098MEDIUMAcademy LMS Pro <= 3.3.8 - Unauthenticated Sensitive Information Exposure via 'enqueue_social_login_script'EPSS 0.2%CVE-2022-27575LOWInformation exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app inforEPSS 0.2%CVE-2025-12039MEDIUMBigBuy Dropshipping Connector for WooCommerce <= 2.0.5 - Unauthenticated IP Spoofing to phpinfo() ExposureEPSS 0.2%CVE-2024-44139LOWThe issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to aEPSS 0.2%CVE-2025-12677MEDIUMKiotViet Sync <= 1.8.5 - Unauthenticated Webhook Key ExposureEPSS 0.2%