CWE-200 flaws

3,880 results
CVE-2021-24170: User Profile Picture < 2.5.0 - Sensitive Information Disclosure (EPSS 4.8%)
CVE-2022-30556: Information Disclosure in mod_lua with websockets (EPSS 4.7%)
CVE-2017-7899: An Information Exposure issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 1763-L16AWA (EPSS 4.6%)
CVE-2025-55190 [CRITICAL]: Argo CD: Project API Token Exposes Repository Credentials (EPSS 4.5%)
CVE-2021-39211 [MEDIUM]: Disclosure of GLPI and server information in telemetry endpoint (EPSS 4.4%)
CVE-2022-28614: read beyond bounds via ap_rwrite() (EPSS 4.4%)
CVE-2022-27849 [MEDIUM]: WordPress Simple Ajax Chat plugin <= 20220115 - Sensitive Information Disclosure vulnerability (EPSS 4.4%)
CVE-2021-22898 [LOW]: curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcur (EPSS 4.4%)
CVE-2022-32221 [CRITICAL]: When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when th (EPSS 4.3%)
CVE-2021-28163 [LOW]: In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, (EPSS 4.2%)
CVE-2023-47117 [HIGH]: Object Relational Mapper Leak Vulnerability in Filtering Task in Label Studio (EPSS 4.1%)
CVE-2024-25734 [HIGH]: An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. The TELNET service prompts for a password only after a valid usernam (EPSS 4.1%)
CVE-2021-35936: No Authentication on Logging Server (EPSS 4.0%)
CVE-2017-7575 [CRITICAL]: Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\ (EPSS 4.0%)
CVE-2019-14893 [HIGH]: A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserializat (EPSS 4.0%)
CVE-2017-1000100 [MEDIUM]: When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name (EPSS 4.0%)
CVE-2017-7526 [MEDIUM]: libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left (EPSS 3.9%)
CVE-2023-1258 [MEDIUM]: Flow-X disclosure of sensitive information to unauthenticated users (EPSS 3.9%)
CVE-2020-8284 [LOW]: A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and t (EPSS 3.9%)
CVE-2020-9733 [HIGH]: Sensitive information disclosure possible in AEM (EPSS 3.8%)