CWE-214 flaws

20 results
CVE-2019-3869 [HIGH] EPSS 1.3%: When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed to playbook job runs via environment variabl
CVE-2021-3859 EPSS 1.2%: A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacke
CVE-2020-5422 EPSS 0.9%: UAA password may appear in BOSH System Metrics Server process arguments
CVE-2020-1753 [MEDIUM] EPSS 0.5%: A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all
CVE-2020-36771 [HIGH] EPSS 0.5%: CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configurations this allows local user
CVE-2024-4254 [HIGH] EPSS 0.5%: Secrets Exfiltration in gradio-app/gradio
CVE-2021-32638 [MEDIUM] EPSS 0.4%: CodeQL runner: Command-line options that make GitHub access tokens visible to other processes are now deprecated
CVE-2018-17957 [LOW] EPSS 0.4%: yast2-rmt leaks database passwords in process list
CVE-2018-16837 [HIGH] EPSS 0.4%: Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lead to undesirable situations such as pass
CVE-2024-28799 [MEDIUM] EPSS 0.3%: IBM QRadar Suite Software information disclosure
CVE-2025-5452 [MEDIUM] EPSS 0.3%: A malicious ACAP application can gain access to admin-level service account credentials used by legitimate ACAP applications, leading to pot
CVE-2025-59955 [MEDIUM] EPSS 0.3%: Coolify leaks sensitive information `email_change_code` in `/api/v1/teams/{team_id | current}/members` API endpoint
CVE-2024-1742 [LOW] EPSS 0.2%: Information disclosure in mk_oracle Checkmk agent plugin
CVE-2025-1333 [MEDIUM] EPSS 0.2%: IBM MQ Operator information disclosure
CVE-2026-40159 [MEDIUM] EPSS 0.2%: PraisonAI Exposes Sensitive Environment Variable via Untrusted MCP Subprocess Execution
CVE-2024-39314 [MEDIUM] EPSS 0.2%: toy-blog administrative token leaked through the command line parameter
CVE-2026-41357 [LOW] EPSS 0.2%: OpenClaw < 2026.3.31 - Unsanitized Environment Variable Leakage in SSH Sandbox Backends
CVE-2025-32987 [MEDIUM] EPSS 0.1%: Arctera eDiscovery Platform before 10.3.2, when Enterprise Vault Collection Module is used, places a cleartext password on a command line in
CVE-2025-48709 [MEDIUM] EPSS 0.1%: BMC Control-M/Server cleartext database credentials in process lists and logs
CVE-2025-53860 [MEDIUM] EPSS 0.1%: F5OS-A FIPS HSM vulnerability