CWE-200
High likelihood
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,151 vulnerabilities with CWE-200
CVE-2021-39000
MEDIUM
IBM MQ Appliance <9.2 - Info Disclosure
CVSS 5.5
CVE-2021-38999
MEDIUM
IBM MQ Appliance - Exposure of Sensitive Information via Trace Data
CVSS 5.5
CVE-2021-37010
HIGH
HarmonyOS - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 7.5
CVE-2021-41532
MEDIUM
Apache Ozone < 1.2.0 - Unauthenticated Exposure of Sensitive Information via Recon HTTP Endpoints
CVSS 5.3
CVE-2021-23193
HIGH
Gallagher Command Centre <8.50.2048 - Privilege Escalation
CVSS 8.1
CVE-2021-37939
LOW
Kibana 7.8.0-7.15.1 - Authenticated Internal Host HTTP Response Disclosure via JIRA and IBM Resilient Connectors
CVSS 2.7
CVE-2021-41277
CRITICAL
KEV
Metabase - Path Traversal and Local File Inclusion via Custom GeoJSON Map URL
CVSS 10.0
CVE-2021-32600
MEDIUM
FortiOS 5.6.x, 6.0.x, 6.2.0-6.2.9, 6.4.0-6.4.6, 7.0.0 - Authenticated Information Exposure via VDOM CLI
CVSS 5.0
CVE-2021-41271
MEDIUM
Discourse < 2.7.9 - Exposure of Sensitive Information via Error Response Caching
CVSS 4.8
CVE-2021-41263
HIGH
rails_multisite <4 - Info Disclosure
CVSS 8.3
CVE-2021-30284
HIGH
Qualcomm APQ8009 and related firmware - Information Exposure and Denial of Service via NAS Integrity Check Failure
CVSS 7.5
CVE-2021-41251
MEDIUM
@sap-cloud-sdk/core - Info Disclosure
CVSS 5.9
CVE-2021-39898
LOW
GitLab 10.6.0-14.1.6 - Exposure of Sensitive Information via Project Export
CVSS 3.7
CVE-2021-34774
MEDIUM
Cisco Common Services Platform Collector < 2.10 - Authenticated Sensitive Data Exposure via API Request
CVSS 4.9
CVE-2021-36192
MEDIUM
FortiManager 5.6.0-5.6.10 - Exposure of Sensitive Information via ADOM Script Access
CVSS 5.2
CVE-2021-22047
MEDIUM
Spring Data REST 3.4.0-3.4.13 and 3.5.0-3.5.5 - Exposure of Sensitive Information via Unauthorized URI Access
CVSS 5.3
CVE-2021-22044
HIGH
Spring Cloud OpenFeign 2.2.0-2.2.9 and 3.0.0-3.0.4 - Unintended Endpoint Exposure via Type-Level RequestMapping
CVSS 7.5
CVE-2021-41158
MEDIUM
FreeSWITCH <1.10.7 - Info Disclosure
CVSS 5.8
CVE-2021-39224
LOW
Nextcloud OfficeOnline < 1.1.1 - Full Path Disclosure via Exception Message
CVSS 3.5
CVE-2021-39223
MEDIUM
Nextcloud Richdocuments < 3.8.6 - Sensitive Information Exposure via Exception Message
CVSS 4.8
CVE-2021-39220
LOW
Nextcloud Mail < 1.10.4 - Privacy Filter Bypass via Relative Protocol Images
CVSS 3.5
CVE-2021-42536
HIGH
Emerson Wireless 1410/1410D/1420 Gateway < 4.7.94 - Unauthenticated Credential Exposure
CVSS 8.0
CVE-2021-31381
MEDIUM
Juniper Session and Resource Control < 4.12.0r5 - Remote File Deletion via JBoss Application Server Query
CVSS 6.5
CVE-2021-31380
MEDIUM
Juniper Session and Resource Control < 4.12.0r5 - Information Disclosure via JBoss AppSvr Query
CVSS 5.3
CVE-2021-31371
MEDIUM
Juniper Junos OS Multiple Versions - Unauthenticated Sensitive Information Exposure
CVSS 5.3
Details
Vulnerabilities
10,151
Exploit Likelihood
High