CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,152 vulnerabilities with CWE-200
CVE-2020-11922
MEDIUM
WiZ Colors A60 1.14.0 - Unnecessary Sensitive Information Exposure to Cloud Server
CVSS 4.3
CVE-2020-35518
MEDIUM
389 Directory Server < 1.4.3.19 - Unauthenticated LDAP Entry Existence Disclosure
CVSS 5.3
CVE-2020-11221
MEDIUM
Qualcomm APQ8009 and related firmwares - Unauthorized Sensitive Information Exposure via Syscall Handler
CVSS 5.5
CVE-2020-11199
MEDIUM
Qualcomm APQ8009 and related firmware - Unauthorized Information Exposure via Improper Access Control
CVSS 5.5
CVE-2020-27290
MEDIUM
Hamilton Medical AG T1-Ventillator <2.2.3 - Info Disclosure
CVSS 4.3
CVE-2020-28199
CRITICAL
bestit Amazon Pay < 9.4.2 - Unauthenticated Exposure of Sensitive Information
CVSS 9.1
CVE-2020-4953
MEDIUM
IBM Planning Analytics 2.0 - Authenticated Exposure of Sensitive Information via HTTP Responses
CVSS 4.3
CVE-2020-29075
HIGH
Adobe Acrobat/Reader DC < 20.013.20066 & < 17.011.30180 - DNS Info Exposure
CVSS 7.1
CVE-2020-11281
HIGH
Qualcomm AQT1000 Firmware - Information Disclosure via RTT Frame MAC Address Linking
CVSS 7.5
CVE-2020-35681
HIGH
Django Channels 3.0.0-3.0.2 - Information Disclosure via AsgiHandler Request Scope Mismatch
CVSS 7.4
CVE-2020-35568
MEDIUM
Mbconnectline Mbconnect24 < 2.11.2 - Information Disclosure
CVSS 4.3
CVE-2020-1779
MEDIUM
OTRS AG OTRSTicketForms <6.0.40, <7.0.29, <8.0.3 - Info Disclosure
CVSS 4.3
CVE-2020-4640
MEDIUM
IBM API Connect Sensitive Information Exposure via URL Fragment Identifiers
CVSS 4.1
CVE-2020-14192
MEDIUM
Atlassian Crucible and Fisheye < 4.8.4 - Unauthenticated Sensitive Information Exposure via Analytics Response Header
CVSS 4.3
CVE-2020-4967
MEDIUM
IBM Cloud Pak for Security 1.3.0.1 - Sensitive Information Exposure via HTTP Headers
CVSS 4.3
CVE-2020-4815
MEDIUM
IBM Cloud Pak for Security 1.4.0.0 - Sensitive Information Exposure via HTTP Response Headers
CVSS 5.3
CVE-2020-3687
MEDIUM
Qualcomm - Exposure of Sensitive Information via Arbitrary Read in Admin Services
CVSS 5.5
CVE-2020-19363
MEDIUM
vtiger CRM 7.2.0 - Unauthenticated Directory Listing via Libraries and Layout Endpoints
CVSS 6.5
CVE-2020-28482
MEDIUM
fastify-csrf < 3.0.0 - Exposure of Sensitive Information via Insecure Cookie and GET Query Parameter
CVSS 5.9
CVE-2020-4079
HIGH
Combodo iTop < 2.7.2 - Unauthorized Data Access via Excel Export Endpoint
CVSS 7.7
CVE-2020-4336
MEDIUM
IBM WebSphere eXtreme Scale 8.6.1.0-8.6.1.3 - Exposure of Sensitive Information via URL Parameters
CVSS 5.3
CVE-2020-4913
MEDIUM
IBM Cloud Pak System 2.3.0.0-2.3.3.2 - Credential Exposure to Local Privileged User
CVSS 4.4
CVE-2020-35934
MEDIUM
Advanced Access Manager < 6.6.2 - Unauthorized Sensitive Information Exposure via REST API Authentication
CVSS 4.3
CVE-2020-35611
HIGH
Joomla! 2.5.0-3.9.22 - Unauthenticated Exposure of Sensitive Information in Global Configuration Page
CVSS 7.5
CVE-2020-35710
MEDIUM
Parallels Remote Application Server 18 - Unauthenticated Intranet IP Address Exposure via Login Form
CVSS 5.3
Details
Vulnerabilities
10,152
Exploit Likelihood
High