Falhas do tipo CWE-200

3.953 resultados
CVE-2024-45245HIGHDiebold Nixdorf – CWE-200: Exposure of Sensitive Information to an Unauthorized ActorEPSS 0.2%CVE-2022-4457MEDIUMWARP client manifest misconfiguration leading to Task HijackingEPSS 0.2%CVE-2026-28877MEDIUMAn authorization issue was addressed with improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOEPSS 0.2%CVE-2025-57839MEDIUMPhoto module is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentialityEPSS 0.2%CVE-2026-36602MEDIUMMercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unautheEPSS 0.2%CVE-2025-57838MEDIUMSome Honor products are affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confideEPSS 0.2%CVE-2026-36615MEDIUMMercusys AC12G (EU) V1 with firmware AC12G(EU)_V1_200909 exposes an undocumented /agileconfigreset endpoint that returns internal buffer conEPSS 0.2%CVE-2025-36895HIGHInformation disclosureEPSS 0.2%CVE-2026-50169MEDIUMAngular Service Worker Policy-Bypass & Credential-Stripping VulnerabilitiesEPSS 0.2%CVE-2023-42925LOWThe issue was addressed with improved restriction of data container access. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. AnEPSS 0.2%CVE-2023-38301LOWAn issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. VariEPSS 0.2%CVE-2023-42948LOWThis issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14. A Wi-Fi password may not be deleted whenEPSS 0.2%CVE-2022-36834LOWExposure of Sensitive Information vulnerability in Game Launcher prior to version 6.0.07 allows local attacker to access app data with user EPSS 0.2%CVE-2026-22251MEDIUMwlc may leak API keys due to an insecure API key configurationEPSS 0.2%CVE-2026-10011LOWInappropriate implementation in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer proEPSS 0.2%CVE-2022-37930MEDIUMA security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays and HPE Nimble Storage Secondary Flash Arrays which cEPSS 0.2%CVE-2025-46820HIGHphpgt/Dom exposes the GITHUB_TOKEN in Dom workflow run artifactEPSS 0.2%CVE-2024-42508MEDIUMThis vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users.EPSS 0.2%CVE-2026-7999MEDIUMInappropriate implementation in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive informaEPSS 0.2%CVE-2025-40803LOWA vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The affected device exposes certain non-critical iEPSS 0.2%