Falhas do tipo CWE-200

3.933 resultados
CVE-2025-24282MEDIUMA library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to modifEPSS 0.2%CVE-2026-11182MEDIUMInappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafteEPSS 0.2%CVE-2024-40804MEDIUMThe issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.6. A malicious application may be able to access privatEPSS 0.2%CVE-2026-1060MEDIUMWP Adminify <= 4.0.7.7 - Unauthenticated Sensitive Information Exposure via 'get-addons-list' REST APIEPSS 0.2%CVE-2026-9912MEDIUMInappropriate implementation in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensEPSS 0.2%CVE-2025-20379LOWRisky command safeguards bypass using the “/services/streams/search“ REST endpoint through “q“ parameter in Splunk EnterpriseEPSS 0.2%CVE-2025-40941MEDIUMA vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected devices exposes server information in its respoEPSS 0.2%CVE-2025-62400MEDIUMMoodle: hidden group names visible to event creatorsEPSS 0.2%CVE-2024-52589LOWModerators can view Screened emails even when the “moderators view emails” option is disabled in DiscourseEPSS 0.2%CVE-2025-24262MEDIUMA privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.4. A sandboxed aEPSS 0.2%CVE-2026-49193HIGHPublicly Readable AWS S3 Telemetry BucketsEPSS 0.2%CVE-2026-49187HIGHHard-coded APK Resource Credentials & SceptersEPSS 0.2%CVE-2025-51643LOWMeitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is accessible without authentication or tamper protEPSS 0.2%CVE-2025-11983MEDIUMWP Discourse <= 2.5.9 - Authenticated (Author+) Information ExposureEPSS 0.2%CVE-2024-28238LOWSession Token in URL in directusEPSS 0.2%CVE-2026-50210MEDIUMWeak Static Cryptographic Initialization VectorsEPSS 0.2%CVE-2025-11196MEDIUMExternal Login <= 1.11.2 - Authenticated (Subscriber+) Sensitive Data Exposure via Test ConnectionEPSS 0.2%CVE-2026-23743MEDIUMDiscourse allows permalinks to restricted resources to leak resource slugs to unauthorized usersEPSS 0.2%CVE-2026-31951MEDIUMLibreChat's MCP Server Header Injection Enables OAuth Token TheftEPSS 0.2%CVE-2025-26709MEDIUMUnauthorized Access Vulnerability in ZTE F50EPSS 0.2%