Falhas do tipo CWE-200
3.916 resultadosCVE-2024-45040MEDIUMgnark's commitments to private witnesses in Groth16 as implemented break zero-knowledge propertyEPSS 0.4%CVE-2025-3059MEDIUMProfile Private - Critical - Unsupported - SA-CONTRIB-2025-002EPSS 0.4%CVE-2026-32890CRITICALAnchorr: Stored XSS in User Mapping dropdown allows unprivileged Discord users to exfiltrate all secrets via /api/configEPSS 0.4%CVE-2025-61777CRITICALFlagForge Allows Unauthenticated Badge Template API AccessEPSS 0.4%CVE-2024-10312MEDIUMExclusive Addons for Elementor <= 2.7.4 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor TemplatesEPSS 0.4%CVE-2025-59209MEDIUMWindows Push Notification Information Disclosure VulnerabilityEPSS 0.4%CVE-2023-38503MEDIUMDirectus has Incorrect Permission Checking for GraphQL SubscriptionsEPSS 0.4%CVE-2024-13562HIGHImport WP – Export and Import CSV and XML files to WordPress <= 2.14.5 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.4%CVE-2024-6407CRITICALCWE-200: Information Exposure vulnerability exists that could cause disclosure of
credentials when a specially crafted message is sent to thEPSS 0.4%CVE-2025-0224MEDIUMProvision-ISR SH-4050A-2 server.js information disclosureEPSS 0.4%CVE-2025-58445MEDIUMAtlantis Exposes Service Version Publicly on /status API EndpointEPSS 0.4%CVE-2023-30611MEDIUMReaction metadata exposed in private topics in Discourse-reactionsEPSS 0.4%CVE-2025-32703MEDIUMVisual Studio Information Disclosure VulnerabilityEPSS 0.4%CVE-2026-39889HIGHPraisonAI has Unauthenticated SSE Event Stream Exposes All Agent Activity in A2U ServerEPSS 0.4%CVE-2024-41700HIGHBarix – CWE-200 Exposure of Sensitive Information to an Unauthorized ActorEPSS 0.4%CVE-2025-34059HIGHDahua Smart Cloud Gateway Registration Management Platform SQL InjectionEPSS 0.4%CVE-2023-50894HIGHIn Janitza GridVis through 9.0.66, use of hard-coded credentials in the de.janitza.pasw.feature.impl.activators.PasswordEncryption password EPSS 0.4%CVE-2023-39974—Extension - acymailing.com - Exposure of Sensitive Information in AcyMailing Enterprise component for Joomla 6.7.0-8.6.3EPSS 0.4%CVE-2024-6549MEDIUMAdmin Post Navigation <= 2.1 - Unauthenticated Full Path DisclosureEPSS 0.4%CVE-2025-31491HIGHAutoGPT allows leakage of cross-domain cookies and protected headers in requests redirectEPSS 0.4%