CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,151 vulnerabilities with CWE-200
CVE-2022-43930 MEDIUM
IBM Db2 10.5, 11.1, 11.5 - Sensitive Information Disclosure in Log Files
CVSS 6.2
CVE-2022-41734 MEDIUM
IBM Maximo Asset Management <7.6.1.3 - Info Disclosure
CVSS 5.3
CVE-2022-43927 MEDIUM
IBM Db2 10.5, 11.1, 11.5 - Information Disclosure via Specially Crafted Table Access
CVSS 5.9
CVE-2022-27891 MEDIUM
Palantir Gotham < 3.22.10.4 - Unauthenticated Active Username Enumeration
CVSS 5.3
CVE-2022-45454 HIGH
Acronis Agent < 30161 and Cyber Protect 15 < 30984 - Sensitive Information Disclosure via Insecure Folder Permissions
CVSS 7.5
CVE-2022-47367 MEDIUM
Android - Missing Authorization in Bluetooth Driver
CVSS 5.5
CVE-2022-47329 MEDIUM
Android - Missing Authorization in WLAN Driver
CVSS 5.5
CVE-2022-47328 MEDIUM
Android - Local Information Disclosure via WLAN Driver Missing Permission Check
CVSS 5.5
CVE-2022-47326 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in WLAN Driver
CVSS 5.5
CVE-2022-47325 MEDIUM
Android - Local Information Disclosure via WLAN Driver Missing Permission Check
CVSS 5.5
CVE-2022-47324 MEDIUM
Android - Local Information Disclosure via Missing Permission Check in WLAN Driver
CVSS 5.5
CVE-2022-38686 MEDIUM
Android - Denial of Service in WLAN Driver
CVSS 5.5
CVE-2022-46650 MEDIUM
Acemanager <4.16 - Privilege Escalation
CVSS 4.9
CVE-2022-24410 MEDIUM
Dell Alienware BIOS < 1.15.1 - Unauthenticated Sensitive Information Exposure via Debug Interfaces
CVSS 6.8
CVE-2022-40691 MEDIUM
Moxa SDS-3008 Series < 2.1 - Information Disclosure via Web Application
CVSS 5.3
CVE-2022-44268 MEDIUM
ImageMagick 7.1.0-49 - Info Disclosure
CVSS 6.5
CVE-2022-42439 MEDIUM
IBM App Connect Enterprise Sensitive Information Exposure in Discovery Connector Nodes
CVSS 6.8
CVE-2022-23498 HIGH
Grafana 8.3.1-9.2.9 - Unauthenticated Session Exposure via Datasource Query Cache
CVSS 7.1
CVE-2022-47070 HIGH
nvs-365-v01_firmware - Unauthenticated Exposure of Sensitive Information via Password Validation Response
CVSS 7.5
CVE-2022-4206 MEDIUM
GitLab DAST API Scanner 1.6.50-2.0.101 - Exposure of Sensitive Information via Authorization Header
CVSS 5.0
CVE-2022-32984 HIGH
BTCPay Server <1.5.3 - Info Disclosure
CVSS 7.5
CVE-2022-4054 MEDIUM
GitLab <15.4.6-15.5.5-15.6 - Info Disclosure
CVSS 5.5
CVE-2022-31711 MEDIUM
VMware vRealize Log Insight 3.0-4.8 - Unauthenticated Exposure of Sensitive Session Information
CVSS 5.3
CVE-2022-39193 MEDIUM
MediaWiki CheckUser Extension - Unauthorized Exposure of Sensitive Edit and Action Performer Information
CVSS 5.3
CVE-2022-43959 MEDIUM
1C-Bitrix Bitrix24 <22.200.200 - Info Disclosure
CVSS 4.9