Fallos del tipo CWE-200

3933 resultados
CVE-2026-45080MEDIUMKlaw: Improper Access Control Allows Disclosure of Password HashEPSS 0.2%CVE-2025-12521MEDIUMAnalytify Pro <= 7.0.3 - Unauthenticated Information ExposureEPSS 0.2%CVE-2024-44139LOWThe issue was addressed with improved checks. This issue is fixed in iOS 18 and iPadOS 18. An attacker with physical access may be able to aEPSS 0.2%CVE-2026-48210MEDIUMPossible information disclosure via External InterfaceEPSS 0.2%CVE-2025-24226MEDIUMThe issue was addressed with improved checks. This issue is fixed in Xcode 16.3. A malicious app may be able to access private information.EPSS 0.2%CVE-2023-5718MEDIUMThe Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via the standard `postMessage()` API. By creatiEPSS 0.2%CVE-2023-29114MEDIUMUnauthorized System Log Disclosure in Enel X JuiceBoxEPSS 0.2%CVE-2021-22276MEDIUMfree@home System Access Point FW integrity check can be bypassed.EPSS 0.2%CVE-2026-22051LOWStorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.13 and 12.0.0.6 are susceptible to a Information Disclosure vulnerabiliEPSS 0.2%CVE-2022-32825MEDIUMThe issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Big Sur 11.6.8, watchOS 8.7, tEPSS 0.2%CVE-2026-1060MEDIUMWP Adminify <= 4.0.7.7 - Unauthenticated Sensitive Information Exposure via 'get-addons-list' REST APIEPSS 0.2%CVE-2025-24282MEDIUMA library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to modifEPSS 0.2%CVE-2024-40804MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. A malicious application may be able to access privatEPSS 0.2%CVE-2026-54396MEDIUMMISP AuthKey edit endpoint allows authenticated user email enumerationEPSS 0.2%CVE-2026-9912MEDIUMInappropriate implementation in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensEPSS 0.2%CVE-2026-23597MEDIUMUnauthenticated Information Disclosure in application API allows sensitive system information exposureEPSS 0.2%CVE-2026-5266LOWExposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Echo. This vulnerability is associated wiEPSS 0.2%CVE-2026-2244HIGHSensitive Data Exposure in Google Cloud Vertex AI WorkbenchEPSS 0.2%CVE-2026-11182MEDIUMInappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafteEPSS 0.2%CVE-2025-62400MEDIUMMoodle: hidden group names visible to event creatorsEPSS 0.2%