CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,157 vulnerabilities with CWE-200
CVE-2018-11215 CRITICAL
Cloudera Data Science Workbench < 1.3.0 - Remote Code Execution
CVSS 9.8
CVE-2018-20812 HIGH
Pulse Secure Desktop < 9.0R1 - Unauthorized IPv6 DNS Traffic Exposure via VPN Tunnel Bypass
CVSS 7.5
CVE-2018-20811 MEDIUM
Pulse Connect Secure 8.3RX < 8.3R2 and 8.1RX < 8.1R12 - Exposure of Sensitive Information via Hidden RPC Service
CVSS 5.3
CVE-2018-6177 MEDIUM
Google Chrome <68.0.3440.75 - Info Disclosure
CVSS 4.3
CVE-2018-6168 MEDIUM
Google Chrome <68.0.3440.75 - Info Disclosure
CVSS 6.5
CVE-2018-6159 MEDIUM
Google Chrome <68.0.3440.75 - Info Disclosure
CVSS 6.5
CVE-2018-6150 MEDIUM
Google Chrome <66.0.3359.117 - Info Disclosure
CVSS 6.5
CVE-2018-6134 MEDIUM
Google Chrome <67.0.3396.62 - Info Disclosure
CVSS 6.5
CVE-2018-20073 MEDIUM
Google Chrome <72.0.3626.81 - Info Disclosure
CVSS 5.5
CVE-2018-1734 MEDIUM
IBM Rational Collaborative Lifecycle Management 6.0-6.0.6.1 - Exposure of Sensitive Information in Error Messages
CVSS 4.3
CVE-2018-2013 MEDIUM
IBM API Connect 2018.1-2018.4.1.5 - Exposure of Sensitive Information
CVSS 5.3
CVE-2018-2011 MEDIUM
IBM API Connect 2018.1-2018.4.1.5 - Exposure of Sensitive Information via HTTP Request
CVSS 5.3
CVE-2018-15665 MEDIUM
Cloudera Data Science Workbench 1.2.0-1.4.0 - Unauthenticated Exposure of Sensitive Information
CVSS 5.3
CVE-2018-18839 MEDIUM
Netdata 1.10.0 - Full Path Disclosure via Alarm API Endpoint
CVSS 5.3
CVE-2018-11942 MEDIUM
Qualcomm Ipq4019 Firmware - Information Disclosure
CVSS 5.5
CVE-2018-10946 MEDIUM
Polycom RealPresence Debut Firmware < 1.3.0-66872 - Unauthenticated Exposure of Admin Password via Web UI
CVSS 6.8
CVE-2018-7122 MEDIUM
HPE Intelligent Management Center PLAT < 7.3 E0506P09 - Remote Information Disclosure
CVSS 5.3
CVE-2018-15131 MEDIUM
Synacor Zimbra Collaboration Suite <8.6.0-8.8.9 - Info Disclosure
CVSS 5.3
CVE-2018-12130 MEDIUM
Microarchitectural Fill Buffer Data Sampling - Info Disclosure
CVSS 5.9
CVE-2018-12127 MEDIUM
Intel Microarchitectural Load Port Data Sampling Firmware - Information Disclosure via Side Channel
CVSS 5.6
CVE-2018-12126 MEDIUM
Intel Microarchitectural Store Buffer Data Sampling Firmware - Information Disclosure via Side Channel
CVSS 5.6
CVE-2018-13365 MEDIUM
Fortinet FortiOS < 5.6.5 - Information Exposure via Application Control Block Page
CVSS 5.3
CVE-2018-13885 MEDIUM
Qualcomm Snapdragon - Memory Overread and Sensitive Data Exposure
CVSS 5.5
CVE-2018-12004 MEDIUM
Qualcomm Snapdragon Firmware - Unauthorized Sensitive Information Exposure via Secure Keypad Unlock
CVSS 5.5
CVE-2018-11976 MEDIUM
Qualcomm Snapdragon - Info Disclosure
CVSS 5.5
Details
Vulnerabilities 10,157
Exploit Likelihood High