CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,153 vulnerabilities with CWE-200
CVE-2019-18660 MEDIUM
Linux kernel <5.4.1 - Info Disclosure
CVSS 4.7
CVE-2019-10195 MEDIUM
IPA <4.6.7, <4.7.4, <4.8.3 - Info Disclosure
CVSS 6.5
CVE-2019-18679 HIGH
Squid 2.x-4.x < 4.8 - Information Disclosure via HTTP Digest Authentication Nonce Tokens
CVSS 7.5
CVE-2019-18461 MEDIUM
GitLab 11.3.0-12.3.0 - Incorrect Access Control
CVSS 4.3
CVE-2019-18460 HIGH
GitLab 8.15-12.4 - Exposure of Sensitive Information via Comments Search Elasticsearch Integration
CVSS 7.5
CVE-2019-10224 MEDIUM
389-ds-base <1.4.1.3 - Info Disclosure
CVSS 4.6
CVE-2019-10217 MEDIUM
Ansible 2.8.0-2.8.4 - Info Disclosure
CVSS 6.5
CVE-2019-5880 HIGH
Google Chrome < 77.0.3865.75 - Cross-Origin Data Leak via Crafted HTML Page
CVSS 7.4
CVE-2019-16285 MEDIUM
HP ThinPro Linux - Unauthenticated Exposure of Sensitive Information via Physical Access
CVSS 4.6
CVE-2019-6852 HIGH
Modicon Controllers - Info Disclosure
CVSS 7.5
CVE-2019-10083 MEDIUM
Apache NiFi 1.3.0-1.9.2 - Unauthorized Sensitive Information Exposure via Process Group API
CVSS 5.3
CVE-2019-19022 HIGH
iTerm2 < 3.3.6 - Sensitive Information Exposure via Search History in Plist File
CVSS 7.5
CVE-2019-18987 MEDIUM
MediaWiki AbuseFilter <1.34 - Info Disclosure
CVSS 5.3
CVE-2019-0390 MEDIUM
SAP Data Hub - Exposure of Sensitive Information via Connection Manager
CVSS 4.3
CVE-2019-14367 HIGH
Slack-Chat <1.5.5 - Info Disclosure
CVSS 7.5
CVE-2019-14366 HIGH
WP SlackSync <1.8.5 - Info Disclosure
CVSS 7.5
CVE-2019-14365 HIGH
Intercom plugin <1.2.1 - Info Disclosure
CVSS 7.5
CVE-2019-1446 MEDIUM
Microsoft Excel - Information Disclosure via Memory Contents Exposure
CVSS 5.5
CVE-2019-1440 MEDIUM
Windows 10 and Windows Server 2016/2019 - Kernel Information Disclosure in win32k
CVSS 5.5
CVE-2019-1439 MEDIUM
Windows GDI - Information Disclosure via Memory Handling
CVSS 6.5
CVE-2019-1436 MEDIUM
Windows 10 and Windows Server 2016/2019 - Kernel Information Disclosure in win32k
CVSS 5.5
CVE-2019-1418 LOW
Windows Modules Installer Service - Information Disclosure via Improper File Information Handling
CVSS 3.3
CVE-2019-1402 MEDIUM
Microsoft Office - Information Disclosure via Improper Memory Handling
CVSS 5.5
CVE-2019-1381 MEDIUM
Windows Servicing Stack - Info Disclosure
CVSS 5.5
CVE-2019-1374 MEDIUM
Windows Error Reporting - Info Disclosure
CVSS 5.5
Details
Vulnerabilities 10,153
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits