CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,157 vulnerabilities with CWE-200
CVE-2018-10815
MEDIUM
Cloudera Manager <5.13.4, 5.14.x <5.14.4, 5.15.x <5.15.1 - Unauthorized Sensitive Cluster Information Exposure
CVSS 6.5
CVE-2018-7844
HIGH
Modicon M580, M340, Quantum, and Premium Firmware - SNMP Information Exposure via Modbus Memory Block Read
CVSS 7.5
CVE-2018-7848
HIGH
Modicon M580, M340, Quantum, and Premium Firmware - SNMP Information Exposure via Modbus File Read
CVSS 7.5
CVE-2018-1991
LOW
IBM API Connect <5.0.8.6 - Info Disclosure
CVSS 2.7
CVE-2018-2005
LOW
IBM BigFix Platform 9.2-9.5 < 9.2.17 - Exposure of Sensitive Information in Process Memory
CVSS 3.3
CVE-2018-16656
HIGH
Kyocera TASKalfa 4002i/6002i - Info Disclosure
CVSS 7.5
CVE-2018-12301
HIGH
Seagate NAS OS 4.3.15.1 - Exposure of Sensitive Information via Download Manager URL
CVSS 7.5
CVE-2018-7083
HIGH
Aruba Instant 4.0-4.2.4.11 - Unauthenticated Sensitive Information Exposure via Core Dump Access
CVSS 7.5
CVE-2018-1990
MEDIUM
IBM Cloud App Mgmt <V2018.4.1 - Info Disclosure
CVSS 5.3
CVE-2018-2008
MEDIUM
IBM TRIRIGA Application Platform 3.5.3-3.5.3.5 - Authenticated Exposure of Sensitive Information
CVSS 4.3
CVE-2018-19456
HIGH
WP Backup+ <2018-11-22 - Info Disclosure
CVSS 7.5
CVE-2018-13991
MEDIUM
PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx 1.0-1.34 - Exposure of Sensitive Information via Firmware Images
CVSS 5.3
CVE-2018-18977
HIGH
Ascensia Contour Diabetes < 2.5.0 - Sensitive Medical Information Exposure via Weak Obfuscation
CVSS 7.5
CVE-2018-18975
HIGH
Ascensia Contour Diabetes < 2.4.30 - Exposure of Sensitive Medical Information via Weak Certificate Pinning
CVSS 7.5
CVE-2018-4071
HIGH
Sierra Wireless AirLink ES450 Firmware 4.9.3 - Authenticated Information Disclosure via EmbeddedAceGet_Task.cgi
CVSS 8.8
CVE-2018-4070
HIGH
Sierra Wireless AirLink ES450 Firmware 4.9.3 - Authenticated Information Disclosure via EmbeddedAceGet_Task.cgi
CVSS 8.8
CVE-2018-4067
MEDIUM
Sierra Wireless AirLink ES450 Firmware 4.9.3 - Authenticated Information Disclosure via ACEManager template_load.cgi
CVSS 6.5
CVE-2018-4069
HIGH
Sierra Wireless AirLink ES450 Firmware 4.9.3 - Information Exposure via Plaintext ACEManager Authentication
CVSS 7.5
CVE-2018-4068
MEDIUM
Sierra Wireless AirLink ES450 Firmware 4.9.3 - Unauthenticated Exposure of Sensitive Information via ACEManager
CVSS 5.3
CVE-2018-20510
MEDIUM
Linux Kernel 4.14.90 - Exposure of Sensitive Information via Binder Debugfs
CVSS 5.5
CVE-2018-20509
MEDIUM
Linux Kernel 4.14.90 - Exposure of Sensitive Information via Binder Debugfs
CVSS 5.5
CVE-2018-1961
MEDIUM
IBM Emptoris Contract Management <10.1.3.0 - Info Disclosure
CVSS 5.3
CVE-2018-18511
MEDIUM
Firefox < 65.0.1 - Unauthorized Cross-Origin Image Data Exposure via Canvas transferFromImageBitmap
CVSS 4.3
CVE-2018-1729
MEDIUM
IBM QRadar SIEM 7.3.0-7.3.1 - Exposure of Sensitive Information
CVSS 5.3
CVE-2018-13378
HIGH
Fortinet FortiSIEM < 5.2.0 - Unauthenticated LDAP Password Exposure via HTML Source Code
CVSS 7.2
Details
Vulnerabilities
10,157
Exploit Likelihood
High