CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,151 vulnerabilities with CWE-200
CVE-2023-23500 MEDIUM
iPadOS < 15.7.3 - Unauthorized Sensitive Kernel State Exposure
CVSS 5.5
CVE-2023-23499 MEDIUM
iPadOS < 16.3 - Unauthorized Access to User-Sensitive Data
CVSS 5.5
CVE-2023-27266 LOW
Mattermost 5.12.0-7.6.9 - Authenticated Email Address Exposure via Teams API
CVSS 2.7
CVE-2023-27265 LOW
Mattermost 5.12.0-7.6.9 - Authenticated Email Address Exposure via Regenerate Invite Id API
CVSS 2.7
CVE-2023-0994 HIGH
rosariosis < 10.8.2 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 7.5
CVE-2023-0597 MEDIUM
Linux Kernel - Memory Leak in CPU Entry Area Mapping
CVSS 5.5
CVE-2023-22476 MEDIUM
MantisBT < 2.25.6 - Authenticated Exposure of Sensitive Information via Group Action Bug Array Parameter
CVSS 4.3
CVE-2023-0901 MEDIUM
pixelfed < 0.11.4 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 5.3
CVE-2023-22580 MEDIUM
sequelizejs/sequelize - Exposure of Sensitive Information via Improper Input Filtering
CVSS 5.3
CVE-2023-23458 MEDIUM
Sunellsecurity Sn-xvr3804e1 Firmware - Information Disclosure
CVSS 6.5
CVE-2023-0020 HIGH
SAP BusinessObjects Business Intelligence <430 - Info Disclosure
CVSS 8.5
CVE-2023-0814 MEDIUM
Profile Builder < 3.9.0 - Authenticated Sensitive Information Exposure via User Meta Shortcode
CVSS 6.5
CVE-2023-23592 HIGH
WALLIX Access Manager 3.0.0-3.0.16 - Exposure of Sensitive Information
CVSS 7.5
CVE-2023-21435 MEDIUM
Samsung Android - Sensitive Information Exposure in Fingerprint TA via Log
CVSS 4.4
CVE-2023-25165 MEDIUM
Helm 3.0.0-3.11.0 - Exposure of Sensitive Information via getHostByName DNS Lookup
CVSS 4.3
CVE-2023-25164 HIGH
Tinacms 1.0.0-1.0.9 - Exposure of Sensitive Information via Environment Variable Leak
CVSS 8.6
CVE-2023-24827 MEDIUM
Syft v0.69.0-0.69.1 - Info Disclosure
CVSS 6.5
CVE-2023-0659 MEDIUM
BDCOM 1704-WGL 2.0.6314 - Information Disclosure in Backup File Handler
CVSS 5.3
CVE-2023-0658 MEDIUM
Multilaser RE057 and RE170 - Exposure of Sensitive Information via Backup File Handler
CVSS 5.3
CVE-2023-22611 HIGH
EcoStruxure Geo SCADA Expert 2019-2021 - Exposure of Sensitive Information via Database Server TCP Port
CVSS 7.5
CVE-2023-23629 MEDIUM
Metabase < 0.43.7.1 - Improper Privilege Management via Dashboard Subscription
CVSS 6.3
CVE-2023-23628 MEDIUM
Metabase < 0.43.7.1 - Unauthorized Exposure of Dashboard Subscription Recipients
CVSS 5.7
CVE-2023-23624 MEDIUM
Discourse < 3.0.1 - Unauthorized Exposure of Sensitive Information via Exclude Tag Parameter
CVSS 4.3
CVE-2023-23620 MEDIUM
Discourse < 3.0.1 - Unauthorized Access to Restricted Tag Content
CVSS 5.3
CVE-2023-0557 HIGH
ContentStudio <1.2.5 - Info Disclosure
CVSS 7.5