Falhas do tipo CWE-200
3.929 resultadosCVE-2025-15381HIGHUnauthorized Access to Tracing and Assessment Endpoints in mlflow/mlflowEPSS 0.3%CVE-2026-34305HIGHVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affeEPSS 0.3%CVE-2024-28188MEDIUMjupyter-scheduler's endpoint is missing authenticationEPSS 0.3%CVE-2024-12340MEDIUMAnimation Addons for Elementor <= 1.1.6 - Authenticated (Contributor+) Sensitive Information Exposure via Content Slider and Tabs Widget Elementor TemplateEPSS 0.3%CVE-2025-3403MEDIUMVivotek NVR ND8422P/NVR ND9525P/NVR ND9541P HTML Form sensitive information in sourceEPSS 0.3%CVE-2025-11997MEDIUMDocument Pro Elementor – Documentation & Knowledge Base <= 1.0.9 - Unauthenticated Information ExposureEPSS 0.3%CVE-2026-1267MEDIUMIBM Planning Analytics Information DisclosureEPSS 0.3%CVE-2025-27399MEDIUMMastodon's domain blocks & rationales ignore user approval when visibility set as "users"EPSS 0.3%CVE-2024-20910LOWVulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. DifficEPSS 0.3%CVE-2025-29270CRITICALIncorrect access control in the realtime.cgi endpoint of Deep Sea Electronics devices DSE855 v1.1.0 to v1.1.26 allows attackers to gain acceEPSS 0.3%CVE-2022-48430MEDIUMIn JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview.EPSS 0.3%CVE-2026-10254MEDIUMSourceCodester Pet Grooming Management Software admin file information disclosureEPSS 0.3%CVE-2024-6398MEDIUMAn information disclosure vulnerability in SWG in versions 12.x prior to 12.2.10 and 11.x prior to 11.2.24 allows information stored in a cuEPSS 0.3%CVE-2025-54133MEDIUMCursor's MCP Install Deeplink Does Not Show Arguments in its User-DialogEPSS 0.3%CVE-2023-24011HIGHData Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Cyclone DDSEPSS 0.3%CVE-2025-54425MEDIUMUmbraco's Delivery API allows for cached requests to be returned with an invalid API keyEPSS 0.3%CVE-2019-18947LOWinformation disclosureEPSS 0.3%CVE-2025-60805HIGHAn issue was discovered in BESSystem BES Application Server thru 9.5.x allowing unauthorized attackers to gain sensitive information via theEPSS 0.3%CVE-2023-28010MEDIUMHCL Domino is susceptible to a sensitive information disclosure vulnerabilityEPSS 0.3%CVE-2025-1063MEDIUMClassified Listing – Classified ads & Business Directory Plugin <= 4.0.4 - Unauthenticated Settings ExposureEPSS 0.3%