CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,153 vulnerabilities with CWE-200
CVE-2018-21069 HIGH
Samsung Android N(7.x) - Kernel Stack Memory Exposure in MediaTek Driver
CVSS 7.5
CVE-2018-21067 MEDIUM
Android - Unauthorized Information Exposure via Trustlet Address Logging
CVSS 5.3
CVE-2018-21060 HIGH
Android N(7.x) and O(8.x) - Unauthorized Exposure of Keyboard Learned Words via Emergency Contact Picker
CVSS 7.5
CVE-2018-21059 HIGH
Android N(7.x) and O(8.x) - Unauthorized Clipboard Content Exposure via Emergency Contact Picker
CVSS 7.5
CVE-2018-21056 MEDIUM
Samsung Android O(8.x) - Unauthorized Exposure of Secure Folder Notification Content
CVSS 4.6
CVE-2018-21053 MEDIUM
Android N(7.x)-P(9.0) - Unauthenticated Clipboard Access via Lockscreen Physical Keyboard
CVSS 4.6
CVE-2018-21048 MEDIUM
Samsung Android O(8.x) - Unauthorized Notification Exposure on Locked Device in Standalone Dex Mode
CVSS 6.2
CVE-2018-21045 MEDIUM
Samsung Android N(7.x) and O(8.x) - Unauthenticated Clipboard Access in Lockscreen State
CVSS 6.2
CVE-2018-21043 LOW
Samsung Android O(8.x) and P(9.0) - Kernel Pointer Information Disclosure in g2d_drv Driver
CVSS 3.3
CVE-2018-21083 HIGH
Samsung Android M(6.0)-O(8.0) - Kernel Address Exposure via Trustonic TEE
CVSS 7.5
CVE-2018-20333 HIGH
ASUSWRT 3.0.0.4.384.20308 - Unauthenticated Sensitive Information Exposure via update_applist.asp
CVSS 7.5
CVE-2018-8878 MEDIUM
ASUSWRT-Merlin <384.4 & ASUS Firmware <3.0.0.4.382.50470 - Info Disclosure via blocking.asp
CVSS 5.3
CVE-2018-8877 MEDIUM
ASUS and Asuswrt-Merlin Firmware - Information Disclosure via new_lan_ip Variable
CVSS 5.3
CVE-2018-3987 MEDIUM
Rakuten Viber 9.3.0.6 - Exposure of Sensitive Information via Secret Chats Photo Storage
CVSS 5.5
CVE-2018-16269 HIGH
Samsung Galaxy Gear < RE2 - Sensitive Information Exposure via D-Bus Misconfiguration
CVSS 7.5
CVE-2018-16264 MEDIUM
Tizen < 5.0 M1 - Unauthenticated Exposure of Sensitive Information via D-Bus Security Policy Misconfiguration
CVSS 6.5
CVE-2018-20495 MEDIUM
GitLab 11.3.0-11.4.12, 11.5.0-11.5.5, 11.6.0 - Information Exposure
CVSS 5.3
CVE-2018-20488 MEDIUM
GitLab 9.3.0-11.4.12, 11.5.0-11.5.5, 11.6.0 - Information Exposure
CVSS 4.3
CVE-2018-1682 MEDIUM
IBM Watson Studio Local <1.2.3 - Info Disclosure
CVSS 5.3
CVE-2018-21026 HIGH
Hitachi Device Manager 7.0.0-8.6.4 - Unauthenticated Exposure of Sensitive Information
CVSS 7.5
CVE-2018-9581 LOW
Android 10 - Unauthenticated Exposure of Sensitive WiFi Information via Broadcast Intents
CVSS 3.3
CVE-2018-21019 HIGH
Home Assistant < 0.67.0 - Unauthenticated Sensitive Information Exposure via API Error Log
CVSS 7.5
CVE-2018-21011 HIGH
Charitable < 1.5.14 - Unauthorized Exposure of User and Donation Details
CVSS 7.5
CVE-2018-13367 MEDIUM
FortiOS < 6.2.0 - Unauthenticated Sensitive Information Exposure via Admin WebUI JavaScript File
CVSS 5.3
CVE-2018-18056 MEDIUM
TI Tm4c123 Firmware - Information Disclosure
CVSS 4.6
Details
Vulnerabilities 10,153
Exploit Likelihood High