Fallos del tipo CWE-200

3933 resultados
CVE-2026-54264HIGHAngular: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service WorkerEPSS 0.2%CVE-2022-20630MEDIUMCisco DNA Center Information Disclosure VulnerabilityEPSS 0.2%CVE-2026-53643HIGHFOSSBilling allows low-privileged staff accounts to perform unauthorized actions via admin API endpointsEPSS 0.2%CVE-2020-9082LOWThere is an information disclosure vulnerability in several smartphones. The system has a logic judging error under certain scenario, the atEPSS 0.2%CVE-2025-52372MEDIUMAn issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the hmailserver/installation/hMailServerInnoExteEPSS 0.2%CVE-2021-21534MEDIUMDell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local unauthenticated attacker may exploit this vuEPSS 0.2%CVE-2025-55272LOWHCL Aftermarket DPC is affected by Banner Disclosure vulnerabilityEPSS 0.2%CVE-2025-43460MEDIUMA logic issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker with physical access to a locEPSS 0.2%CVE-2026-43992CRITICALJunoClaw: MCP write tools exposed raw BIP-39 mnemonic as a tool-call parameterEPSS 0.2%CVE-2026-34296MEDIUMVulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain (component: Product Quality ManageEPSS 0.2%CVE-2026-8993MEDIUMImproper URL Handler Processing in D.Launcher 2 enables NTLM Credential Disclosure and SSRF attacksEPSS 0.2%CVE-2026-46584LOWApache Camel Mail: The mail producer applied attacker-supplied message headers as JavaMail session properties, allowing an attacker to influence SMTP parametersEPSS 0.2%CVE-2026-1307MEDIUMNinja Forms <= 3.14.1 - Authenticated (Contributor+) Sensitive Information Disclosure via Block Editor TokenEPSS 0.2%CVE-2026-30891MEDIUMDiscourse hasUnauthorized Exposure of Private User Action TypesEPSS 0.2%CVE-2025-46388MEDIUMCWE-200 Exposure of Sensitive Information to an Unauthorized ActorEPSS 0.2%CVE-2023-29116MEDIUMPHP Information Disclosure in Enel X JuiceBoxEPSS 0.2%CVE-2026-41183MEDIUMFreeScout allows non-folder conversation queries to disclose assigned-only hidden conversationsEPSS 0.2%CVE-2026-33886MEDIUMStatamic's sensitive configuration values are exposed to content editors via Antlers-enabled fieldsEPSS 0.2%CVE-2022-32824The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may bEPSS 0.2%CVE-2025-12584MEDIUMQuick View for WooCommerce <= 2.2.17 - Unauthenticated Private Product DisclosureEPSS 0.2%