CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,151 vulnerabilities with CWE-200
CVE-2021-44739 MEDIUM
Adobe Acrobat and Reader DC < 21.007.20099 - Unauthenticated Information Disclosure via ActiveX
CVSS 4.3
CVE-2021-44702 MEDIUM
Adobe Acrobat and Reader DC < 21.007.20099 - NTLMv2 Credential Disclosure via ActiveX
CVSS 4.3
CVE-2021-30314 MEDIUM
Qualcomm Snapdragon Firmware - Unauthorized Information Disclosure via Third-Party Application Access
CVSS 6.2
CVE-2021-41767 MEDIUM
Apache Guacamole < 1.3.0 - Authenticated Exposure of Sensitive Information via REST Response
CVSS 6.5
CVE-2021-43951 MEDIUM
Atlassian Jira Service Management <4.21.0 - Info Disclosure
CVSS 4.3
CVE-2021-43949 MEDIUM
Atlassian Jira Service Management < 4.21.0 - Authenticated Exposure of Sensitive Information via Custom Fields
CVSS 4.3
CVE-2021-24948 HIGH
Plus Addons for Elementor <5.0.7 - Info Disclosure
CVSS 7.5
CVE-2021-46166 MEDIUM
Zoho ManageEngine Desktop Central <10.0.662 - Info Disclosure
CVSS 6.5
CVE-2021-46148 MEDIUM
MediaWiki <1.35.5-1.37.1 - Info Disclosure
CVSS 6.5
CVE-2021-38956 MEDIUM
IBM Security Verify <10.0.2.0 - Info Disclosure
CVSS 5.3
CVE-2021-20871 MEDIUM
KONICA MINOLTA bizhub series - Info Disclosure
CVSS 6.5
CVE-2021-20869 MEDIUM
KONICA MINOLTA bizhub series - Info Disclosure
CVSS 6.5
CVE-2021-39980 MEDIUM
HarmonyOS - Exposure of Sensitive Information via Telephony Application
CVSS 5.3
CVE-2021-39972 HIGH
HarmonyOS < 2.0 - Exposure of Sensitive Information via MyHuawei-App
CVSS 7.5
CVE-2021-37125 HIGH
HarmonyOS < 2.0 - Exposure of Sensitive Information via Arbitrary File Access
CVSS 7.5
CVE-2021-36723 MEDIUM
Emuse eServices/eNvoice - Unauthenticated Exposure of Private Personal Information via Predictable IDs
CVSS 6.1
CVE-2021-45884 HIGH
Brave Desktop <1.33.106 - Info Disclosure
CVSS 7.5
CVE-2021-45654 CRITICAL
NETGEAR XR1000 <1.0.0.58 - Info Disclosure
CVSS 9.6
CVE-2021-45653 LOW
NETGEAR RBK352 RBR350 RBS350 < 4.4.0.10 - Unauthorized Sensitive Information Exposure
CVSS 3.9
CVE-2021-45652 CRITICAL
NETGEAR RBK352/RBR350/RBS350 < 4.4.0.10 - Sensitive Information Exposure
CVSS 9.6
CVE-2021-45651 HIGH
NETGEAR RBK50 RBR50 RBS50 < 2.7.3.22 - Exposure of Sensitive Information
CVSS 7.4
CVE-2021-45650 CRITICAL
NETGEAR R7000/R7900/R8000/RS400/R6400v2/R7000P/R6700v3/R6900P Firmware - Unauthorized Sensitive Information Exposure
CVSS 9.1
CVE-2021-45649 HIGH
NETGEAR R6400v2/R6700v3/R7000/R6900P/R7000P Firmware - Unauthenticated Sensitive Information Exposure
CVSS 7.9
CVE-2021-45648 LOW
NETGEAR Multiple Models - Exposure of Sensitive Information
CVSS 3.1
CVE-2021-45647 MEDIUM
NETGEAR Multiple Routers and Extenders - Unauthenticated Sensitive Information Exposure
CVSS 6.5
Details
Vulnerabilities 10,151
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits