Fallos del tipo CWE-200

3880 resultados

CVE-2025-24071MEDIUMMicrosoft Windows File Explorer Spoofing VulnerabilityEPSS 25.1%CVE-2003-1567HIGHThe undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the content of the original request in the body oEPSS 25.1%CVE-2024-45309HIGHOneDev vulnerable to arbitrary file reading for unauthenticated userEPSS 24.8%CVE-2026-34474HIGHSensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interEPSS 24.7%CVE-2020-17527—Apache Tomcat: Request header mix-up between HTTP/2 streamsEPSS 24.6%CVE-2022-42979HIGHInformation disclosure due to an insecure hostname validation in the RYDE application 5.8.43 for Android and iOS allows attackers to take ovEPSS 24.3%CVE-2024-30081HIGHWindows NTLM Spoofing VulnerabilityEPSS 24.0%CVE-2024-27356HIGHAn issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical uEPSS 23.9%CVE-2021-24122—Apache Tomcat information disclosureEPSS 22.9%CVE-2025-8868CRITICALChef Automate compliance service SQL Injection VulnerabilityEPSS 22.8%CVE-2024-21320MEDIUMWindows Themes Spoofing VulnerabilityEPSS 22.8%CVE-2015-5317HIGHThe Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name inEPSS 22.4%KEV CVE-2022-31711MEDIUMVMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and aEPSS 21.7%CVE-2024-56902HIGHInformation disclosure vulnerability in Geovision GV-ASManager web application with the version v6.1.0.0 or less, which discloses account inEPSS 21.3%CVE-2022-22733—Access-Token in ElasticJob UI causes password disclosureEPSS 20.9%CVE-2023-2916HIGHInfiniteWP Client <= 1.11.1 - Authenticated (Subscriber+) Sensitive Information ExposureEPSS 20.9%CVE-2024-49357HIGHZimaOS (Installed Applications and System Information) has Unauthorized Sensitive Data LeakEPSS 20.6%CVE-2024-38200MEDIUMMicrosoft Office Spoofing VulnerabilityEPSS 19.7%CVE-2023-38547CRITICALA vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access itsEPSS 18.9%CVE-2024-5230MEDIUMEnvaySoft FleetCart information disclosureEPSS 18.8%

← anteriorpágina 4 / 194siguiente →