Fallos del tipo CWE-201
333 resultadosCVE-2025-24639MEDIUMWordPress Korea for WooCommerce plugin <= 1.1.11 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2023-1401MEDIUMInsertion of Sensitive Information Into Sent Data in GitLabEPSS 0.4%CVE-2023-4378MEDIUMInsertion of Sensitive Information Into Sent Data in GitLabEPSS 0.4%CVE-2025-22303MEDIUMWordPress WP Mailster plugin <= 1.8.17.0 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2024-38787HIGHWordPress Import and export users and customers plugin <= 1.26.8 - Sensitive Information via Imported File vulnerabilityEPSS 0.4%CVE-2024-39315MEDIUMPomerium exposed OAuth2 access and ID tokens in user info endpoint responseEPSS 0.4%CVE-2024-4536MEDIUMEclipse EDC: OAuth2 Credential Exfiltration VulnerabilityEPSS 0.4%CVE-2025-27244MEDIUMAssetView and AssetView CLOUD contain an issue with acquiring sensitive information from sent data to the developer. If exploited, sensitiveEPSS 0.4%CVE-2026-34226HIGHHappy DOM's fetch credentials include uses page-origin cookies instead of target-origin cookiesEPSS 0.4%CVE-2025-66388MEDIUMApache Airflow: Secrets in rendered templates not redacted properly and exposed in the UIEPSS 0.4%CVE-2024-3502CRITICALExposure of Sensitive Information in lunary-ai/lunaryEPSS 0.4%CVE-2025-47775MEDIUMBullfrog's DNS over TCP bypasses domain filteringEPSS 0.4%CVE-2025-64407MEDIUMApache OpenOffice: URL fetching can be used to exfiltrate arbitrary INI file values and environment variablesEPSS 0.4%CVE-2025-31134MEDIUMFreshRSS vulnerable to directory enumeration via ext.phpEPSS 0.4%CVE-2026-27868MEDIUMPUBLICATION OF SENSITIVE INFORMATION ON REGESTA SMART HD-PLC OF TELDATEPSS 0.4%CVE-2024-8890HIGHInsertion of Sensitive Information Into Sent Data vulnerability on CIRCUTOR Q-SMTEPSS 0.4%CVE-2025-32635HIGHWordPress Hive Support plugin <= 1.2.6 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2025-32594HIGHWordPress Simple WP Events plugin <= 1.8.17 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2026-44487HIGHAxios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP AdapterEPSS 0.4%CVE-2023-32275MEDIUMAn information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafEPSS 0.4%