CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,152 vulnerabilities with CWE-200
CVE-2019-4444 MEDIUM
IBM API Connect <2018.4.1.7 - Info Disclosure
CVSS 5.5
CVE-2019-18335 MEDIUM
SPPA-T3000 Application Server < R8.2 SP2 - Exposure of Sensitive Information via Crafted Packets to 80/tcp
CVSS 5.3
CVE-2019-18334 MEDIUM
SPPA-T3000 Application Server < R8.2 SP2 - Unauthenticated Username Enumeration via Port 8090
CVSS 5.3
CVE-2019-18333 MEDIUM
SPPA-T3000 Application Server < R8.2 SP2 - Unauthenticated Sensitive Information Exposure via Port 8090
CVSS 5.3
CVE-2019-18332 MEDIUM
SPPA-T3000 Application Server < R8.2 SP2 - Unauthenticated Directory Listing Access via Crafted Packets
CVSS 5.3
CVE-2019-18331 MEDIUM
SPPA-T3000 Application Server < R8.2 SP2 - Exposure of Sensitive Information via Crafted Packets to 1099/tcp
CVSS 5.3
CVE-2019-18287 MEDIUM
SPPA-T3000 Application Server < R8.2 SP2 - Unauthenticated Sensitive Information Exposure via Directory Listing
CVSS 5.3
CVE-2019-18286 MEDIUM
SPPA-T3000 Application Server < R8.2 SP2 - Unauthenticated Sensitive Information Exposure via Directory Listing
CVSS 5.3
CVE-2019-0405 HIGH
SAP Enable Now < 1911 - User Enumeration and Information Disclosure
CVSS 7.5
CVE-2019-1489 HIGH
Windows XP - Information Disclosure via Remote Desktop Protocol
CVSS 7.5
CVE-2019-1487 MEDIUM
Microsoft Authentication Library for Android 0.3.1-Alpha and later - Information Disclosure
CVSS 6.5
CVE-2019-1474 MEDIUM
Windows - Kernel Information Disclosure via Improper Memory Object Handling
CVSS 5.5
CVE-2019-1472 MEDIUM
Windows 10 and Windows Server 2016/2019 - Kernel Information Disclosure via Memory Object Handling
CVSS 5.5
CVE-2019-1470 MEDIUM
Windows Hyper-V - Authenticated Information Disclosure via Improper Input Validation
CVSS 6.0
CVE-2019-1469 MEDIUM
Windows - Information Disclosure in Win32k Component
CVSS 5.5
CVE-2019-1467 MEDIUM
Windows GDI - Information Disclosure via Memory Handling
CVSS 6.5
CVE-2019-1464 MEDIUM
Microsoft Excel - Information Disclosure via Memory Contents Exposure
CVSS 5.5
CVE-2019-1463 MEDIUM
Microsoft Office - Information Disclosure via Memory Handling Issue
CVSS 5.5
CVE-2019-1400 MEDIUM
Microsoft Office - Information Disclosure via Memory Handling Issue
CVSS 5.5
CVE-2019-13744 MEDIUM
Google Chrome < 79.0.3945.79 - Cross-Origin Data Leak via Cookie Policy Enforcement
CVSS 6.5
CVE-2019-13737 MEDIUM
Google Chrome <79.0.3945.79 - Info Disclosure
CVSS 6.5
CVE-2019-19627 MEDIUM
SROS2 0.8.1 - Exposure of Sensitive Information via ROS 2 Node Data Leak
CVSS 5.3
CVE-2019-19625 MEDIUM
SROS 2 0.8.1 - Exposure of Sensitive Node Information via Leaky Default Configuration
CVSS 5.3
CVE-2019-19007 HIGH
Intelbras IWR 3000N <1.8.7 - Info Disclosure
CVSS 7.2
CVE-2019-18660 MEDIUM
Linux kernel <5.4.1 - Info Disclosure
CVSS 4.7
Details
Vulnerabilities 10,152
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits