Fallos del tipo CWE-200

3880 resultados
CVE-2017-15098Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before EPSS 3.7%CVE-2016-6548Zizai Tech Nut mobile application makes requests using HTTP, which includes the users session tokenEPSS 3.7%CVE-2019-5016CRITICALAn exploitable arbitrary memory read vulnerability exists in the KCodes NetUSB.ko kernel module which enables the ReadySHARE Printer functioEPSS 3.6%CVE-2025-14528MEDIUMD-Link DIR-803 Configuration getcfg.php information disclosureEPSS 3.6%CVE-2018-15919MEDIUMRemotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a targEPSS 3.6%CVE-2026-33829MEDIUMWindows Snipping Tool Spoofing VulnerabilityEPSS 3.4%CVE-2022-29244HIGHnpm packing does not respect root-level ignore files in workspacesEPSS 3.4%CVE-2020-8169curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over thEPSS 3.4%CVE-2018-5407Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel EPSS 3.4%CVE-2018-0425Cisco RV110W, RV130W, and RV215W Routers Management Interface Information Disclosure VulnerabilityEPSS 3.4%CVE-2017-7520OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-iEPSS 3.4%CVE-2014-2356Innominate mGuard Exposure of Sensitive Information to an Unauthorized ActorEPSS 3.4%CVE-2025-49741HIGHMicrosoft Edge (Chromium-based) Information Disclosure VulnerabilityEPSS 3.4%CVE-2018-0442HIGHCisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Information Disclosure VulnerabilityEPSS 3.3%CVE-1999-0468HIGHInternet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.EPSS 3.2%CVE-2023-34092HIGHVite Server Options (server.fs.deny) can be bypassed using double forward-slash (//)EPSS 3.2%CVE-2024-50338HIGHCarriage-return character in remote URL allows malicious repository to leak credentials in Git Credential ManagerEPSS 3.1%CVE-2025-59434CRITICALCritical Multi-Tenant Variable Disclosure in Flowise Cloud via Custom JavaScript FunctionEPSS 3.1%CVE-2018-10911MEDIUMA flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaEPSS 3.1%CVE-2023-40278HIGHAn issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsEPSS 3.0%