Falhas do tipo CWE-1295
21 resultadosCVE-2021-31412MEDIUMPossible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19EPSS 1.3%CVE-2024-45784HIGHApache Airflow: Sensitive configuration values are not masked in the logs by defaultEPSS 1.3%CVE-2022-27597LOWQTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances)EPSS 0.7%CVE-2024-38516HIGHAimeos HTML client may potentially reveal sensitive information in error logEPSS 0.5%CVE-2023-5392HIGHC300 information leak due to an analysis feature which allows extracting more memory over the network than required by the function. HoneyweEPSS 0.5%CVE-2023-4215MEDIUMAdvantech WebAccess Debug Messages Revealing Unnecessary InformationEPSS 0.5%CVE-2025-59109MEDIUMUART Leaking Sensitive Data in dormakaba registration unit 9002EPSS 0.5%CVE-2025-31001HIGHWordPress GTM Kit plugin <= 2.4.0 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2025-42604MEDIUMDetailed Error Response Vulnerability in Meon KYC solutionsEPSS 0.4%CVE-2024-11217MEDIUMOauth-server-container: oauth-server-container logs client secret in debug levelEPSS 0.4%CVE-2025-2877MEDIUMEvent-driven-ansible: exposure inventory passwords in plain text when starting a rulebook activation with verbosity set to debug in edaEPSS 0.4%CVE-2025-2469LOWDebug Messages Revealing Unnecessary Information in GitLabEPSS 0.3%CVE-2026-48797CRITICALBackpropagate: backprop ui --auth and backprop ui --share do not enforce authenticationEPSS 0.3%CVE-2024-27179MEDIUMSession disclosure inside the log filesEPSS 0.3%CVE-2022-34364MEDIUM
Dell BSAFE SSL-J, versions before 6.5 and version 7.0 contain a debug message revealing unnecessary information vulnerability. This may lEPSS 0.2%CVE-2023-28077MEDIUM
Dell BSAFE SSL-J, versions prior to 6.5, and versions 7.0 and 7.1 contain a debug message revealing unnecessary information vulnerability. EPSS 0.2%CVE-2025-46775MEDIUMA debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1, FortiExtender 7.4.0 through EPSS 0.1%CVE-2025-35031MEDIUMMedical Informatics Engineering Enterprise Health includes session token in debug outputEPSS 0.1%CVE-2021-25476MEDIUMAn information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection meEPSS 0.1%CVE-2025-12910MEDIUMInappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive inEPSS 0.1%