Falhas do tipo CWE-200
3.929 resultadosCVE-2026-35038LOWsignalk-server: Arbitrary Prototype Read via `from` Field BypassEPSS 0.3%CVE-2026-50870HIGHAn information disclosure vulnerability in the configuration endpoint of Ben Busby whoogle-search v1.2.3 allows attackers to obtain sensitivEPSS 0.3%CVE-2025-40940MEDIUMA vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected application exhibits inconsistent SNMP behaviorEPSS 0.3%CVE-2021-20332MEDIUMMongoDB Rust Driver may publish events containing authentication-related data to a connection pool event listener configured by an applicationEPSS 0.3%CVE-2023-22875HIGHIBM Security QRadar SIEM information disclosureEPSS 0.3%CVE-2026-9153MEDIUMArbitrary File Read in Rapid7 InsightConnect Sed PluginEPSS 0.3%CVE-2026-27611HIGHFileBrowser Quantum: Password Protection Not Enforced on Shared File LinksEPSS 0.3%CVE-2026-32865CRITICALOPEXUS eComplaint and eCase insecure password resetEPSS 0.3%CVE-2025-66027HIGHRallly Information Disclosure Vulnerability in Participant API Leaks Names and Emails Despite Pro Privacy SettingsEPSS 0.3%CVE-2023-24588MEDIUMExposure of sensitive information to an unauthorized actor in firmware for some Intel(R) Optane(TM) SSD products may allow an unauthenticateEPSS 0.3%CVE-2025-4390MEDIUMWP Private Content Plus <= 3.6.2 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2024-45391HIGHTina search token leak via lock file in TinaCMSEPSS 0.3%CVE-2026-29108MEDIUMAuthenticated SuiteCRM Users Can Retrieve The Password Hash of Any UserEPSS 0.3%CVE-2025-15103HIGHDVP-12SE11T - Authentication Bypass via Partial Password DisclosureEPSS 0.3%CVE-2025-67732HIGHDify Vulnerable to Plaintext API Key Exposure via Model Provider Configuration EndpointEPSS 0.3%CVE-2023-34242LOWCilium vulnerable to information leakage via incorrect ReferenceGrant handlingEPSS 0.3%CVE-2026-5413MEDIUMNewgen OmniDocs GetWebApiConfiguration information disclosureEPSS 0.3%CVE-2026-55993HIGHApache Camel Atmosphere Websocket: The inbound consumer maps externally-supplied WebSocket query parameters into the Exchange without a HeaderFilterStrategy, allowing injection of Camel control headers - enabling influencing internal behaviourEPSS 0.3%CVE-2021-41181LOWNextcloud Talk app exposes chat messages on lockscreenEPSS 0.3%CVE-2025-49653HIGHExposure of sensitive Information allows account takeoverEPSS 0.3%