Falhas do tipo CWE-200

3.932 resultados
CVE-2025-9240MEDIUMelunez eladmin info information disclosureEPSS 0.3%CVE-2026-45332HIGHAutomad Broken Access Control: unauthenticated exposure of administrator bcrypt password hashes and TOTP secrets via public API endpointEPSS 0.3%CVE-2024-39593MEDIUM[CVE-2024-39593] Information Disclosure vulnerability in SAP Landscape ManagementEPSS 0.3%CVE-2026-33677MEDIUMWebhook BasicAuth Credentials Exposed to Read-Only Project Collaborators via APIEPSS 0.3%CVE-2024-8494MEDIUMElementor Website Builder Pro – More than Just a Page Builder <= 3.25.10 - Authenticated (Contributor+) Sensitive Information Exposure via ShortcodeEPSS 0.3%CVE-2026-10055HIGHIn Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connecteEPSS 0.3%CVE-2025-30447MEDIUMThe issue was resolved by sanitizing logging. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS SonoEPSS 0.3%CVE-2018-0106A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access EPSS 0.3%CVE-2025-60858HIGHReolink Video Doorbell Wi-Fi DB_566128M5MP_W stores and transmits DDNS credentials in plaintext within its configuration and update scripts,EPSS 0.3%CVE-2025-61220HIGHThe incomplete verification mechanism in the AutoBizLine com.mysecondline.app 1.2.91 allows attackers to log in as other users and gain unauEPSS 0.3%CVE-2025-52268HIGHStarCharge Artemis AC Charger 7-22 kW v1.0.4 was discovered to contain a hardcoded AES key which allows attackers to forge or decrypt valid EPSS 0.3%CVE-2025-6722MEDIUMBitFire <= 4.5 - Unauthenticated Information ExposureEPSS 0.3%CVE-2024-34029MEDIUMAD/LDAP Group Members LeakEPSS 0.3%CVE-2023-47616LOWA CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8EPSS 0.3%CVE-2025-54323HIGHAn issue was discovered in the camera in Samsung Mobile Processor Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, and EPSS 0.3%CVE-2024-36118LOWUnauthorized viewing of workspace test cases in MeterSphereEPSS 0.3%CVE-2026-32270LOWCraft Commerce: Unauthenticated information disclosure in `commerce/payments/pay` can leak some customer order data on anonymous paymentsEPSS 0.3%CVE-2025-26485MEDIUMA vulnerability in Beta80 Life 1st enables the retrieval of different error messages for failed authentication attempts (in case of the usaEPSS 0.3%CVE-2026-26069CRITICALScraparr Readarr Integration exposes sensitive values as metric labels.EPSS 0.3%CVE-2026-42223MEDIUMnginx-ui: Settings API Exposes Protected SecretsEPSS 0.3%