Falhas do tipo CWE-200
3.933 resultadosCVE-2025-11151HIGHInformation Disclosure in Beyaz Computer's CityPLusEPSS 0.3%CVE-2026-28675MEDIUMOpenSift: Sensitive implementation details exposed via raw exception messages and token-returning endpointsEPSS 0.3%CVE-2026-53725MEDIUMParse Server: Endpoints `/login` and `/verifyPassword` disclose MFA secrets and protected fields when `_User` get is deniedEPSS 0.3%CVE-2026-7626MEDIUMSlek Gateway for WooCommerce <= 1.0 - Unauthenticated Insufficiently Protected Credentials via Payment Redirect Form Hidden FieldsEPSS 0.3%CVE-2026-47177MEDIUMQuest Bot: Ticket transcripts can disclose private ticket contents to a lower-visibility channelEPSS 0.3%CVE-2026-47176MEDIUMQuest Bot: Logging module can disclose private-channel message contents to a lower-visibility log channelEPSS 0.3%CVE-2025-24281MEDIUMThis issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive usEPSS 0.3%CVE-2025-12147MEDIUMUnauthorized access to fields protected by Field-Level Security (FLS) when those fields are members of an objectEPSS 0.3%CVE-2026-6826MEDIUMConcrete 9.5.0 and below has file usage disclosure via missing permission check in Usage controllerEPSS 0.3%CVE-2026-34273MEDIUMVulnerability in Oracle GoldenGate (component: Libraries). Supported versions that are affected are 23.4-23.10. Easily exploitable vulnerabEPSS 0.3%CVE-2024-42208LOWHCL Connections is vulnerable to an information disclosure vulnerabilityEPSS 0.3%CVE-2026-40908MEDIUMWWBN AVideo has an Unauthenticated Information Disclosure via git.json.php that Exposes Developer Emails and Deployed VersionEPSS 0.3%CVE-2025-20377MEDIUMCisco Unified Intelligence Center API Information Disclosure VulnerabilityEPSS 0.3%CVE-2026-2747MEDIUMPGP Mixed Plaintext and Encrypted ContentEPSS 0.3%CVE-2025-12148MEDIUMUnauthorized access to fields protected by Field Masking (FM) for fields of type IPEPSS 0.3%CVE-2023-2820MEDIUMAn information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be uEPSS 0.3%CVE-2026-2803HIGHInformation disclosure, mitigation bypass in the Settings UI componentEPSS 0.3%CVE-2020-14335—A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flEPSS 0.2%CVE-2025-26711MEDIUMThere is an unauthorized access vulnerability in ZTE T5400. Due to improper permission control of the Web module interface, an unauthorized EPSS 0.2%CVE-2026-45080MEDIUMKlaw: Improper Access Control Allows Disclosure of Password HashEPSS 0.2%