CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,151 vulnerabilities with CWE-200
CVE-2021-32720 MEDIUM
Sylius <1.9.5-1.10.0-RC.1 - Info Disclosure
CVSS 5.3
CVE-2021-32717 HIGH
Shopware <6.4.1.1 - Info Disclosure
CVSS 7.5
CVE-2021-32716 MEDIUM
Shopware <6.4.1.1 - Info Disclosure
CVSS 4.4
CVE-2021-32712 MEDIUM
Shopware < 5.6.10 - Sensitive Information Exposure via Error Message
CVSS 5.3
CVE-2021-32711 CRITICAL
Shopware <6.3.5.1 - Info Disclosure
CVSS 9.1
CVE-2021-25652 MEDIUM
Avaya Aura Appliance Virtualization Platform 8.0.0.0-8.1.3.1 - Unauthorized Information Disclosure
CVSS 4.9
CVE-2021-25649 MEDIUM
Avaya Aura Utility Services 7.0-7.1.2 - Sensitive Information Exposure via Directory and File Management
CVSS 4.9
CVE-2021-20019 HIGH
SonicOS 7.0.0-7.0.0.376 - Memory Leak via HTTP Server Response
CVSS 7.5
CVE-2021-29086 MEDIUM
Synology DSM <6.2.3-25426-3 & DSM UC <3.1-23033 Sensitive Info Exposure via WebAPI
CVSS 5.3
CVE-2021-32695 LOW
Nextcloud Android <3.16.1 - Info Disclosure
CVSS 3.9
CVE-2021-32690 MEDIUM
Helm < 3.6.1 - Credential Exposure via Helm Repository Domain Redirection
CVSS 6.8
CVE-2021-23204 HIGH
Gallagher Command Centre <8.40.1888-8.30.1359 - Info Disclosure
CVSS 8.1
CVE-2021-22913 MEDIUM
Nextcloud Deck <1.2.7, 1.4.1 - Info Disclosure
CVSS 6.5
CVE-2021-22912 MEDIUM
Nextcloud iOS <3.4.2 - Info Disclosure
CVSS 6.5
CVE-2021-22905 MEDIUM
Nextcloud Android App <v3.16.0 - Info Disclosure
CVSS 6.5
CVE-2021-22898 LOW
curl 7.7-7.76.1 - Information Disclosure via TELNET NEW_ENV Option Parser
CVSS 3.1
CVE-2021-22749 MEDIUM
Modicon X80 BMXNOR0200H RTU SV1.70 IR22 - Info Disclosure
CVSS 5.3
CVE-2021-25403 LOW
Samsung Account <10.8.0.4-12.2.0.9 - SSRF
CVSS 3.3
CVE-2021-25392 MEDIUM
Samsung Dex <SMR MAY-2021 Release 1 - Info Disclosure
CVSS 4.0
CVE-2021-28805 HIGH
QNAP Systems Inc. QSS <1.0.3 - Info Disclosure
CVSS 7.8
CVE-2021-28169 MEDIUM
Eclipse Jetty ConcatServlet - Information Disclosure
CVSS 5.3
CVE-2021-32658 MEDIUM
Nextcloud Android <3.16.1 - Info Disclosure
CVSS 4.7
CVE-2021-20259 HIGH
Theforeman Foremanfogproxmox < 0.13.1 - Information Disclosure
CVSS 7.8
CVE-2021-33839 HIGH
luca < 1.7.4 - Unauthorized Sensitive Information Exposure via QR Code Confusion
CVSS 7.5
CVE-2021-20585 MEDIUM
IBM Security Verify Access <20.07 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 10,151
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits