Falhas do tipo CWE-200

3.958 resultados
CVE-2025-58279MEDIUMPermission control vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confiEPSS 0.1%CVE-2022-33724LOWExposure of Sensitive Information in Samsung Dialer application?prior to SMR Aug-2022 Release 1 allows local attackers to access ICCID via lEPSS 0.1%CVE-2025-15065HIGHData Exposure in Kings Information & Network KESS EnterpriseEPSS 0.0%CVE-2026-10865MEDIUMCost Calculator Builder <= 4.0.11 - Unauthenticated Sensitive Information Exposure of Payment Gateway Secret KeysEPSS CVE-2026-61426HIGHPraisonAI before 1.7.3 Unauthenticated Agent Access via Insecure DefaultsEPSS CVE-2026-12426MEDIUMMembers <= 3.2.22 - Unauthenticated Sensitive Information Disclosure via REST API Pagination Side ChannelEPSS CVE-2026-59180LOWApprise forwards configured auth headers across cross-origin HTTP redirectsEPSS CVE-2026-55882HIGHTilt: Unauthenticated pprof debug endpoints on the Tilt HUD serverEPSS CVE-2026-7544MEDIUMMux Video Uploader <= 1.1.4 - Authenticated (Subscriber+) Information ExposureEPSS CVE-2026-56303HIGHCapgo - Unauthenticated API Key Metadata Disclosure via SECURITY DEFINER RPC FunctionEPSS CVE-2026-59155MEDIUMNezha Monitoring: DDNS and Notification credential exposure via unredacted list APIEPSS CVE-2026-55500CRITICAL9router: Exposure of Sensitive Information and Unprotected Database Import/Export Allows Complete Credential Theft and Database TakeoverEPSS CVE-2026-57474MEDIUMDeloitte AI Assist for Customer information disclosureEPSS CVE-2026-57994MEDIUMphpMyFAQ - Information Disclosure of Inactive FAQ Content via Public API EndpointsEPSS CVE-2026-6801MEDIUMContext Blog <= 1.3.5 - Unauthenticated Sensitive Information Exposure via 'postID' ParameterEPSS CVE-2026-57219HIGHRabbitMQ: Unauthenticated disclosure of OAuth client credentials via an HTTP API endpoint with certain less common OAuth 2 configurationsEPSS CVE-2026-61454HIGHGrav before 2.0.4 Information Disclosure via __GRAV_CONFIG__EPSS CVE-2026-55664MEDIUMGrist: Insufficient access control in the /forms endpoint exposes table metadataEPSS