CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,151 vulnerabilities with CWE-200
CVE-2022-3611
HIGH
Lenovo App Store < 11.8.0 - Unauthorized Sensitive Data Exposure
CVSS 7.6
CVE-2022-43889
MEDIUM
IBM Security Verify Privilege On-Premises 11.5 - Info Disclosure
CVSS 5.3
CVE-2022-43868
MEDIUM
IBM Security Verify Access OIDC Provider - Info Disclosure
CVSS 5.3
CVE-2022-34355
MEDIUM
IBM Engineering Lifecycle Management 6.0.6-6.0.6.1, 7.0-7.0.2 - Unauthorized Sensitive Version Information Exposure
CVSS 4.0
CVE-2022-22447
MEDIUM
IBM Disconnected Log Collector <1.8.2 - Info Disclosure
CVSS 4.0
CVE-2022-47892
MEDIUM
NetMan 204 Firmware - Unauthenticated Sensitive Information Exposure via config.cgi
CVSS 5.3
CVE-2022-47554
HIGH
Ormazabal ekorRCI and ekorCCP Firmware - Unauthenticated Sensitive Information Exposure via XML Files
CVSS 8.2
CVE-2022-22409
MEDIUM
IBM Aspera Faspex 5.0.5 - Info Disclosure
CVSS 5.3
CVE-2022-4343
MEDIUM
GitLab EE <16.1.5-16.3.1 - Info Disclosure
CVSS 5.0
CVE-2022-3745
MEDIUM
Lenovo IdeaPad and IdeaPad 3 Firmware - Exposure of Sensitive Information via SMI Data
CVSS 4.4
CVE-2022-3743
MEDIUM
Lenovo IdeaPad and IdeaPad 3 Firmware - Exposure of Sensitive Information via Embedded Controller Command Enumeration
CVSS 4.4
CVE-2022-46651
MEDIUM
Apache Airflow <2.6.3 - Info Disclosure
CVSS 6.5
CVE-2022-48520
HIGH
Huawei EMUI and HarmonyOS - Unauthorized Access to Sensitive Information in SystemUI
CVSS 7.5
CVE-2022-48519
HIGH
Huawei EMUI and HarmonyOS - Unauthorized Access in SystemUI Module
CVSS 7.5
CVE-2022-48516
HIGH
Huawei EMUI and HarmonyOS - Exposure of Sensitive Information via DSoftBus Module
CVSS 7.5
CVE-2022-48514
HIGH
HarmonyOS - Exposure of Sensitive Information via Sepolicy Netlink Permission Misconfiguration
CVSS 7.5
CVE-2022-48510
CRITICAL
Huawei EMUI - Exposure of Sensitive Information via AMS Module Input Verification Vulnerability
CVSS 9.8
CVE-2022-34352
MEDIUM
IBM QRadar SIEM 7.5.0 - Unauthorized Data Exposure via Delegated Admin Tenant
CVSS 6.5
CVE-2022-33159
MEDIUM
IBM Security Directory Suite VA <8.0.1.19 - Info Disclosure
CVSS 5.3
CVE-2022-47184
HIGH
Apache Traffic Server <9.2.0 - Info Disclosure
CVSS 7.5
CVE-2022-43684
CRITICAL
ServiceNow Quebec Rome San Diego Tokyo Utah - Authenticated Exposure of Sensitive Information via ACL Bypass
CVSS 9.9
CVE-2022-40525
HIGH
Qualcomm CSR8811 and IPQ/QCA/QCN Firmware - Information Disclosure via Side Channel Analysis
CVSS 7.1
CVE-2022-40523
HIGH
Qualcomm 9205 LTE Modem Firmware - Information Disclosure via Indirect Branch Misprediction
CVSS 7.1
CVE-2022-39335
MEDIUM
Synapse <= 1.68.0 - Missing Authorization in Federation API
CVSS 5.0
CVE-2022-45459
HIGH
Acronis Agent < 30025 and Cyber Protect 15 < 30984 - Sensitive Information Disclosure via Insecure Registry Permissions
CVSS 7.5
Details
Vulnerabilities
10,151
Exploit Likelihood
High