CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,151 vulnerabilities with CWE-200
CVE-2021-4076 HIGH
tang 8-10 - Exposure of Sensitive Information via Private Key Leak
CVSS 7.5
CVE-2021-3677 MEDIUM
PostgreSQL 11.0-11.12 - Authenticated Exposure of Sensitive Information via Crafted Query
CVSS 6.5
CVE-2021-25118 MEDIUM
Yoast SEO 16.7-17.2 - Exposure of Sensitive Information via REST API
CVSS 5.3
CVE-2021-44141 MEDIUM
Samba < 4.15.5 - Unauthenticated Exposure of Sensitive Information via SMB1 Symlink
CVSS 4.3
CVE-2021-20320 MEDIUM
Linux Kernel - Exposure of Sensitive Information via s390 eBPF JIT Verifier Bypass
CVSS 5.5
CVE-2021-3773 CRITICAL
Linux Kernel < 5.14 - Exposure of Sensitive Information via netfilter
CVSS 9.8
CVE-2021-45310 MEDIUM
Sangoma Switchvox 102409 - Unauthenticated Exposure of Sensitive Information via Invalid Browser Command
CVSS 5.3
CVE-2021-45421 HIGH
Emerson Dixell XWEB-500 Firmware - Unauthenticated Sensitive Information Exposure via Directory Listing
CVSS 7.5
CVE-2021-45420 CRITICAL
Emerson Dixell XWEB-500 Firmware - Unauthenticated Arbitrary File Write via logo_extra_upload.cgi
CVSS 9.8
CVE-2021-25110 MEDIUM
Futurio Extra <1.6.3 - Info Disclosure
CVSS 4.3
CVE-2021-22785 HIGH
Modicon M340 <V3.40 - Info Disclosure
CVSS 7.5
CVE-2021-0170 MEDIUM
Intel PROSet/Wireless Wi-Fi - Info Disclosure
CVSS 5.5
CVE-2021-0166 MEDIUM
Intel PROSet/Wireless < - Info Disclosure
CVSS 6.7
CVE-2021-40360 HIGH
SIMATIC PCS 7 & WinCC - Info Disclosure
CVSS 8.8
CVE-2021-38960 HIGH
IBM Power System AC922 and HMC Firmware - Unauthenticated Exposure of Sensitive Information
CVSS 7.5
CVE-2021-36151 MEDIUM
Apache Gobblin <=0.15.0 - Info Disclosure
CVSS 5.5
CVE-2021-40340 LOW
Hitachi Energy LinkOne <3.27 - Info Disclosure
CVSS 3.7
CVE-2021-31567 MEDIUM
Download Monitor <= 4.4.6 - Authenticated Arbitrary File Download via downloadable_file_urls Parameter
CVSS 6.8
CVE-2021-22825 HIGH
AP7xxxx-AP8xxx < V6.9.6-V1.1.0.3 - Privilege Escalation
CVSS 8.0
CVE-2021-22815 MEDIUM
AP9630/AP9631/AP9635 - Info Disclosure
CVSS 5.3
CVE-2021-29838 MEDIUM
IBM Security Guardium Insights 3.0 - Exposure of Sensitive Information via Missing HSTS
CVSS 5.9
CVE-2021-44692 MEDIUM
BuddyBoss Platform < 1.8.0 - Unauthenticated Exposure of User Email Addresses via Profile UID
CVSS 5.3
CVE-2021-40159 HIGH
Autodesk Inventor - Information Disclosure via JT File Parsing
CVSS 7.8
CVE-2021-23195 MEDIUM
Fresenius Kabi Vigilant Software Suite - Info Disclosure
CVSS 5.3
CVE-2021-37867 MEDIUM
Mattermost Boards < 0.10.0 - Authenticated Sensitive Information Exposure via API
CVSS 4.3