CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,157 vulnerabilities with CWE-200
CVE-2018-21019 HIGH
Home Assistant < 0.67.0 - Unauthenticated Sensitive Information Exposure via API Error Log
CVSS 7.5
CVE-2018-21011 HIGH
Charitable < 1.5.14 - Unauthorized Exposure of User and Donation Details
CVSS 7.5
CVE-2018-13367 MEDIUM
FortiOS < 6.2.0 - Unauthenticated Sensitive Information Exposure via Admin WebUI JavaScript File
CVSS 5.3
CVE-2018-18056 MEDIUM
TI Tm4c123 Firmware - Information Disclosure
CVSS 4.6
CVE-2018-14669 HIGH
ClickHouse <1.1.54390 - Info Disclosure
CVSS 7.5
CVE-2018-20958 MEDIUM
Tapplock Firmware < 2018-06-12 - Unauthenticated Exposure of Sensitive Information via BLE MAC Address
CVSS 6.5
CVE-2018-20952 MEDIUM
cPanel 61.9999.55-62.0.39 - Unauthorized Sensitive Information Exposure via WHM Apache Includes Editor
CVSS 6.5
CVE-2018-20946 LOW
cPanel < 62.0.39 - Unauthorized Zone Information Exposure via Archive Sync Script
CVSS 3.3
CVE-2018-20944 LOW
cPanel 61.9999.55-62.0.38 - Unauthorized Sensitive Information Exposure via httpd.conf Syntax Test
CVSS 3.3
CVE-2018-20943 LOW
cPanel 61.9999.55-62.0.39 - Unauthorized Sensitive Information Exposure via Root Crontab File
CVSS 2.5
CVE-2018-20942 LOW
cPanel 61.9999.55-62.0.39 - Unauthorized Root Crontab File Exposure
CVSS 2.5
CVE-2018-20941 MEDIUM
cPanel < 68.0.27 - Unauthenticated Arbitrary File Read via Restore Adminbin
CVSS 5.6
CVE-2018-20939 LOW
cPanel < 62.0.39 - Unauthorized Directory Contents Exposure via Backup Feature
CVSS 3.3
CVE-2018-20913 MEDIUM
cPanel < 70.0.23 - Unauthenticated Root Access Hash Exposure via WHM Trust Cluster Master Endpoint
CVSS 4.9
CVE-2018-20902 MEDIUM
cPanel < 71.9980.37 - Unauthenticated Exposure of Sensitive Information via ClamAV Installation
CVSS 5.5
CVE-2018-20894 LOW
cPanel 71.9980.30-72.0.9 - Exposure of Sensitive Information via Git Repository
CVSS 3.3
CVE-2018-20889 MEDIUM
cPanel 69.9999.122-70.0.53 - Exposure of Sensitive Information via Password File Caching
CVSS 4.4
CVE-2018-20870 MEDIUM
cPanel < 76.0.8 - Exposure of Sensitive Information via WebDAV Debug Logging
CVSS 5.5
CVE-2018-17211 MEDIUM
PrinterOn Central Print Services <4.1.4 - Info Disclosure
CVSS 5.3
CVE-2018-13897 HIGH
Qualcomm Multiple Chipsets - Information Exposure via DNS Record
CVSS 7.5
CVE-2018-2022 MEDIUM
IBM QRadar SIEM 7.2-7.3 - Exposure of Sensitive Information
CVSS 5.3
CVE-2018-1968 MEDIUM
IBM Security Identity Manager 7.0.1 - Info Disclosure
CVSS 5.3
CVE-2018-14831 MEDIUM
DamiCMS 6.0.0 - Authenticated Arbitrary File Read via Tpl Add URI
CVSS 4.9
CVE-2018-14529 HIGH
Invoxia NVX220 Firmware - Unauthenticated Exposure of Sensitive Information via CLI Escape
CVSS 7.5
CVE-2018-14865 MEDIUM
Odoo Community 9.0-11.0 and Enterprise 9.0-11.0 - Local File Read via wkhtmltopdf Report Engine
CVSS 6.5
Details
Vulnerabilities 10,157
Exploit Likelihood High