CWE-212 vulnerabilities

64 results
CVE-2025-61594 | LOW | URI Credential Leakage Bypass over CVE-2025-27221 | EPSS 0.5%
CVE-2024-6055 | MEDIUM | Improper removal of sensitive information in data source export feature in Devolutions Remote Desktop Manager 2024.1.32.0 and earlier on Win | EPSS 0.5%
CVE-2025-27221 | LOW | In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication cr | EPSS 0.5%
CVE-2026-20928 | MEDIUM | Windows Recovery Environment Security Feature Bypass Vulnerability | EPSS 0.4%
CVE-2025-68131 | MEDIUM | CBORDecoder reuse can leak shareable values across decode calls | EPSS 0.4%
CVE-2025-53886 | MEDIUM | Directus doesn't redact tokens in Flow logs | EPSS 0.4%
CVE-2026-42880 | CRITICAL | ArgoCD ServerSideDiff is vulnerable to Kubernetes Secret Extraction | EPSS 0.4%
CVE-2024-41156 | LOW | Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers va | EPSS 0.4%
CVE-2025-14267 | MEDIUM | Unintended temporary cached data included in a structure only copy intended to be empty of data | EPSS 0.4%
CVE-2025-58049 | MEDIUM | XWiki PDF export jobs store sensitive cookies unencrypted in job statuses | EPSS 0.3%
CVE-2024-43384 | HIGH | Phoenix Contact: Improper removal of sensitive information in MGUARD products | EPSS 0.3%
CVE-2023-52376 | HIGH | Information management vulnerability in the Gallery module. Successful exploitation of this vulnerability may affect service confidentiality. | EPSS 0.3%
CVE-2026-43528 | HIGH | OpenClaw < 2026.4.14 - Redaction Bypass via sourceConfig and runtimeConfig Aliases | EPSS 0.3%
CVE-2026-43824 | HIGH | In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data. | EPSS 0.3%
CVE-2020-25635 | MEDIUM | A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is comple | EPSS 0.3%
CVE-2024-56353 | MEDIUM | In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies | EPSS 0.3%
CVE-2022-23605 | MEDIUM | Expired Ephemeral Messages not reliably removed in wire-webapp | EPSS 0.3%
CVE-2026-27640 | HIGH | tfplan2md has Sensitive Value Exposure in Generated Reports | EPSS 0.3%
CVE-2024-32028 | MEDIUM | Sensitive query parameters logged by default in OpenTelemetry.Instrumentation http and AspNetCore | EPSS 0.3%
CVE-2026-54421 | MEDIUM | In OpenStack Ironic before 37.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return | EPSS 0.3%