Falhas do tipo CWE-200
3.933 resultadosCVE-2024-48011LOWDell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A loEPSS 0.3%CVE-2026-44738HIGHGrav: Twig sandbox allows editor-role users to exfiltrate all plugin secrets via Config::toArray()EPSS 0.3%CVE-2026-40584MEDIUMRansomLook - Improper Filtering of Private Location Entries in API Endpoints Leads to Information ExposureEPSS 0.3%CVE-2021-25464LOWAn improper file management vulnerability in SamsungCapture prior to version 4.8.02 allows sensitive information leak.EPSS 0.3%CVE-2025-60739CRITICALCross Site Request Forgery (CSRF) vulnerability in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before, Logic Version v6.00 - 20EPSS 0.3%CVE-2024-49734HIGHIn multiple functions of ConnectivityService.java, there is a possible way for a Wi-Fi AP to determine what site a device has connected to tEPSS 0.3%CVE-2025-24164MEDIUMA logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An aEPSS 0.3%CVE-2025-6600MEDIUMGitHub Enterprise Server Information Disclosure Vulnerability Exposes Private Repository Names via Search APIEPSS 0.3%CVE-2025-5266MEDIUMScript element events leaked cross-origin resource statusEPSS 0.3%CVE-2025-56467MEDIUMAn issue was discovered in AXIS BANK LIMITED Axis Mobile App 9.9 that allows attackers to obtain sensitive information without a UPI PIN, suEPSS 0.3%CVE-2024-44179LOWThis issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadEPSS 0.3%CVE-2025-52026HIGHAn information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-EPSS 0.3%CVE-2025-61589MEDIUMCursor: Potential Information Leakage via Mermaid DiagramEPSS 0.3%CVE-2026-26964LOWWindmill Exposes Workspace Slack OAuth Client Secrets to Non-Admin Workspace MembersEPSS 0.3%CVE-2025-64179MEDIUMlakeFS: Unauthenticated access to API usage metricsEPSS 0.3%CVE-2025-61906LOWOpencast's editor accidentally publishes videos/overwrites publications #1626EPSS 0.3%CVE-2026-56235MEDIUMCapgo - Unauthenticated Cross-Tenant Metrics Disclosure via RPC FunctionsEPSS 0.3%CVE-2025-43018MEDIUMCertain HP LaserJet Pro Printers – Potential Information DisclosureEPSS 0.3%CVE-2026-22203MEDIUMwpDiscuz before 7.6.47 - Options Export Leaks OAuth Secrets in PlaintextEPSS 0.3%CVE-2025-4659MEDIUMIntegration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.4.4 - Unauthenticated Full Path DisclosureEPSS 0.3%