CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,153 vulnerabilities with CWE-200
CVE-2019-1010283 HIGH
Univention Corporate Server <12.0.1-3 - Info Disclosure
CVSS 7.5
CVE-2019-1575 HIGH
PAN-OS <7.1.23, <8.0.18, <8.1.8-h4, <9.0.2 - Info Disclosure
CVSS 8.8
CVE-2019-1116 MEDIUM
Windows 7 and Windows Server 2008 - Information Disclosure in GDI Component
CVSS 6.5
CVE-2019-1112 MEDIUM
Microsoft Office - Information Disclosure via Memory Contents Exposure
CVSS 5.5
CVE-2019-1108 MEDIUM
Windows RDP Client - Information Disclosure via Memory Exposure
CVSS 6.5
CVE-2019-1101 MEDIUM
Windows 7 and Windows Server 2008 - Information Disclosure in GDI Component
CVSS 6.5
CVE-2019-1100 MEDIUM
Windows 7 and Windows Server 2008 - Information Disclosure in GDI Component
CVSS 6.5
CVE-2019-1099 MEDIUM
Windows 7 and Windows Server 2008 - Information Disclosure in GDI Component
CVSS 6.5
CVE-2019-1098 MEDIUM
Windows 7 and Windows Server 2008 - Information Disclosure in GDI Component
CVSS 6.5
CVE-2019-1097 MEDIUM
Windows DirectWrite - Information Disclosure via Memory Exposure
CVSS 5.5
CVE-2019-1096 MEDIUM
Windows - Information Disclosure in win32k Component
CVSS 5.5
CVE-2019-1095 MEDIUM
Windows GDI - Information Disclosure via Memory Handling
CVSS 6.5
CVE-2019-1094 MEDIUM
Windows GDI - Information Disclosure via Memory Contents Exposure
CVSS 6.5
CVE-2019-1093 MEDIUM
Windows DirectWrite - Information Disclosure via Memory Exposure
CVSS 5.5
CVE-2019-1091 MEDIUM
Windows 10 and Windows Server 2016/2019 - Information Disclosure in Unistore.dll
CVSS 5.5
CVE-2019-1084 MEDIUM
Microsoft Exchange Server - Authenticated Information Disclosure via Invalid Display Name Handling
CVSS 6.5
CVE-2019-1073 MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Object Handling
CVSS 5.5
CVE-2019-1071 MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Object Handling
CVSS 5.5
CVE-2019-1010299 MEDIUM
Rust Programming Language Standard Library <1.30.0 - Info Disclosure
CVSS 5.3
CVE-2019-1010024 MEDIUM
glibc - ASLR Bypass via Thread Stack and Heap Cache
CVSS 5.3
CVE-2019-4193 HIGH
IBM Jazz for Service Management 1.1.3-1.1.3.2 - Exposure of Sensitive Information via URL Parameters
CVSS 7.5
CVE-2019-0048 MEDIUM
Juniper Junos OS on EX4300 Series - Firewall Filter Bypass via Multicast Traffic Mismatch
CVSS 5.8
CVE-2019-11268 MEDIUM
Cloud Foundry UAA < 73.3.0 - Authenticated Information Disclosure via Improper Escaping
CVSS 4.3
CVE-2019-11991 CRITICAL
HPE 3PAR Service Processor Firmware 4.1-4.4 - Remote Information Disclosure
CVSS 9.8
CVE-2019-13314 HIGH
virt-bootstrap 1.1.0 - Exposure of Sensitive Information via Root Password Option
CVSS 7.8
Details
Vulnerabilities 10,153
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits