CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,151 vulnerabilities with CWE-200
CVE-2023-1775 MEDIUM
Mattermost Server < 7.1.6 - Unauthorized Sensitive Information Exposure via Websocket Event Broadcast
CVSS 4.3
CVE-2023-1769 MEDIUM
SourceCodester Grade Point Average GPA Calculator 1.0 - Info Disclo...
CVSS 4.3
CVE-2023-1258 MEDIUM
ABB Flow-X Firmware < 4.0 - Unauthenticated Sensitive Information Exposure via Web Service
CVSS 5.3
CVE-2023-28732 MEDIUM
AnyMailing Joomla Plugin <8.3.0 - Info Disclosure
CVSS 6.5
CVE-2023-0836 HIGH
HAProxy 2.1-2.2.26, 2.3-2.4.20, 2.5-2.5.10, 2.6-2.6.7, 2.7 - Information Disclosure
CVSS 7.5
CVE-2023-1680 MEDIUM
Xunrui CMS 4.61 - Info Disclosure
CVSS 4.3
CVE-2023-1683 MEDIUM
Xunrui CMS 4.61 - Info Disclosure
CVSS 4.3
CVE-2023-1681 MEDIUM
Xunrui CMS 4.61 - Info Disclosure
CVSS 4.3
CVE-2023-25722 MEDIUM
Veracode Scan Jenkins Plugin < 23.3.19.0 - Credential Exposure via Process Argument Listing
CVSS 5.5
CVE-2023-1075 LOW
Linux Kernel - Type Confusion in tls_is_tx_ready
CVSS 3.3
CVE-2023-24838 CRITICAL
HGiga PowerStation - Info Disclosure
CVSS 9.8
CVE-2023-28444 CRITICAL
angular-server-side-configuration - Info Disclosure
CVSS 9.9
CVE-2023-21067 HIGH
Android - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 7.5
CVE-2023-28442 HIGH
GeoNode <2.20.6-2.18.7 - Info Disclosure
CVSS 7.5
CVE-2023-28336 MEDIUM
Moodle 3.9.0-3.9.19 and 4.1.0-4.1.1 - Exposure of Sensitive Information via Grade Report History
CVSS 4.3
CVE-2023-28334 MEDIUM
Moodle 4.0.0-4.0.6 and 4.1.0-4.1.1 - Authenticated User Enumeration via Learning Plans Page
CVSS 4.3
CVE-2023-1402 MEDIUM
Moodle - Information Disclosure via Course Participation Report
CVSS 4.3
CVE-2023-20055 HIGH
Cisco DNA Center - Privilege Escalation
CVSS 8.0
CVE-2023-28432 HIGH KEV
Minio <RELEASE.2023-03-20T20-16-18Z - Info Disclosure
CVSS 7.5
CVE-2023-1562 LOW
Mattermost < 7.5.0 - Exposure of Sensitive Information via Focalboard API
CVSS 3.5
CVE-2023-27591 HIGH
miniflux < 2.0.43 - Unauthenticated Information Disclosure via Prometheus Metrics Endpoint
CVSS 7.5
CVE-2023-0027 MEDIUM
Rockwell Automation Modbus TCP Server AOI <2.04.00 - Info Disclosure
CVSS 5.3
CVE-2023-23622 MEDIUM
Discourse < 3.0.1 and 3.1.0.beta2 - Unauthorized Sensitive Information Exposure via Tag Topic Count
CVSS 4.3
CVE-2023-23935 LOW
Discourse <3.0.1-3.1.0.beta2 - Info Disclosure
CVSS 3.5
CVE-2023-22880 MEDIUM
Zoom Rooms < 5.13.5 - Information Disclosure via Microsoft Edge WebView2 Spellcheck
CVSS 6.8
Details
Vulnerabilities 10,151
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits