Fallos del tipo CWE-200

3910 resultados
CVE-2024-4584MEDIUMFaraday GM8181/GM828x command_port.ini information disclosureEPSS 0.6%CVE-2023-6136MEDIUMWordPress Debug Log Manager Plugin <= 2.3.0 is vulnerable to Sensitive Data ExposureEPSS 0.6%CVE-2023-39737HIGHThe leakage of the client secret in Matsuya Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadcast messaEPSS 0.6%CVE-2023-23624MEDIUMDiscourse's exclude_tags param could leak which topics had a specific hidden tagEPSS 0.6%CVE-2023-4917MEDIUMLeyka <= 3.30.7 - Authenticated (Subscriber+) Sensitive Information ExposureEPSS 0.6%CVE-2024-11297MEDIUMPage Restriction WordPress (WP) – Protect WP Pages/Post <= 1.3.6 - Unauthenticated Content Restriction Bypass to Sensitive Information ExposureEPSS 0.6%CVE-2024-52517MEDIUMNextcloud Server's global credentials of external storages are sent back to the frontendEPSS 0.6%CVE-2019-14802MEDIUMHashiCorp Nomad 0.5.0 through 0.9.4 (fixed in 0.9.5) reveals unintended environment variables to the rendering task during template renderinEPSS 0.6%CVE-2024-4173HIGHSANnav versions exposes Kafka in the wan interface.EPSS 0.6%CVE-2024-8884CRITICALCWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause exposure of credentials when attacEPSS 0.6%CVE-2025-68438HIGHApache Airflow: Secrets in rendered templates could contain parts of sensitive values when truncatedEPSS 0.6%CVE-2025-58752LOWVite's `server.fs` settings were not applied to HTML filesEPSS 0.6%CVE-2024-6562MEDIUMaffiliate-toolkit <= 3.5.5 - Unauthenticated Full Path DislcosureEPSS 0.6%CVE-2024-7414MEDIUMPDF Builder for WPForms <= 1.2.116 - Unauthenticated Full Path DisclosureEPSS 0.6%CVE-2023-4796MEDIUMBooster for WooCommerce <= 7.1.0 - Authenticated (Subscriber+) Information Disclosure via ShortcodeEPSS 0.6%CVE-2022-31046MEDIUMInformation Disclosure via Export Module in TYPO3 CMSEPSS 0.6%CVE-2024-0242HIGHUnauthorized access to settings in Qolsys IQ Panel 4 and IQ4 HubEPSS 0.6%CVE-2023-39735HIGHThe leakage of the client secret in Uomasa_Saiji_news Line 13.6.1 allows attackers to obtain the channel access token and send crafted broadEPSS 0.6%CVE-2023-39739HIGHThe leakage of the client secret in REGINA SWEETS&BAKERY Line 13.6.1 allows attackers to obtain the channel access token and send crafted brEPSS 0.6%CVE-2022-36777MEDIUMIBM Cloud Pak for Security information disclosureEPSS 0.6%