CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,151 vulnerabilities with CWE-200
CVE-2022-34125 MEDIUM
GLPI CMDB < 3.0.3 - Unauthenticated Sensitive Information Exposure via File Parameter
CVSS 6.5
CVE-2022-43951 MEDIUM
FortiNAC <9.4.1-8.7.6 - Info Disclosure
CVSS 5.3
CVE-2022-48430 MEDIUM
JetBrains IntelliJ IDEA < 2023.1 - Unauthorized File Content Disclosure via Markdown Preview External Stylesheet
CVSS 5.5
CVE-2022-48348 CRITICAL
Huawei EMUI and HarmonyOS - Unauthorized Data Read in MediaProvider Module
CVSS 9.1
CVE-2022-48347 HIGH
Huawei EMUI - Exposure of Sensitive Information via MediaProvider Permission Verification
CVSS 7.5
CVE-2022-48346 HIGH
Huawei EMUI and HarmonyOS - Information Exposure via HwContacts Logic Bypass
CVSS 7.5
CVE-2022-39043 LOW
Juiker - Sensitive Information Exposure via Debug Logs in External Storage
CVSS 2.4
CVE-2022-45634 MEDIUM
MEGAFEIS DBD+ 1.4.4 - Authenticated Exposure of Sensitive Account Information
CVSS 4.3
CVE-2022-45124 HIGH
WellinTech KingHistorian 35.01.00.05 - Information Disclosure via User Authentication
CVSS 7.5
CVE-2022-38456 MEDIUM
Ernest Marcinko Ajax Search Lite <=4.10.3 - Info Disclosure
CVSS 4.3
CVE-2022-22075 MEDIUM
Qualcomm APQ8009 Firmware - Information Disclosure in Graphics during GPU Context Switch
CVSS 6.2
CVE-2022-46257 MEDIUM
GitHub Enterprise Server - Info Disclosure
CVSS 4.3
CVE-2022-41329 MEDIUM
Fortinet FortiProxy <7.2.1, FortiOS <7.2.3 - Info Disclosure
CVSS 5.3
CVE-2022-27490 MEDIUM
Fortinet Fortianalyzer < 5.6.11 - Information Disclosure
CVSS 5.4
CVE-2022-4862 MEDIUM
M-Files Server < 22.12.12140.3 - Stored Cross-Site Scripting via HTML Rendering
CVSS 5.0
CVE-2022-3284 MEDIUM
M-Files New Web <22.11.12011.0 - Info Disclosure
CVSS 6.5
CVE-2022-41862 LOW
PostgreSQL 12.0-12.13 - Exposure of Sensitive Information via Kerberos Transport Encryption
CVSS 3.7
CVE-2022-32896 MEDIUM
macOS 11.0-11.7 - Unprotected User Data Exposure
CVSS 5.5
CVE-2022-32855 MEDIUM
iPadOS < 15.6 - Unauthorized Access to Restricted Content from Lock Screen
CVSS 5.5
CVE-2022-32836 HIGH
Apple Music - Unprotected User Data Exposure
CVSS 7.5
CVE-2022-32824 MEDIUM
iPadOS < 15.6 - Kernel Memory Exposure via Improper Memory Handling
CVSS 5.5
CVE-2022-32784 MEDIUM
Safari < 15.6 - Unauthorized Sensitive Data Exposure via Malicious Website
CVSS 6.5
CVE-2022-22668 MEDIUM
iPadOS < 15.4 - Unauthorized Sensitive Information Exposure
CVSS 5.5
CVE-2022-48319 MEDIUM
Checkmk <= 2.1.0p13 and <= 2.0.0p29 - Sensitive Information Disclosure in cmk-update-agent.log
CVSS 6.5
CVE-2022-34351 MEDIUM
IBM QRadar SIEM 7.4-7.5 - Unauthorized Information Exposure via Domain Security Profile
CVSS 5.9
Details
Vulnerabilities 10,151
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits