CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,157 vulnerabilities with CWE-200
CVE-2018-13808 CRITICAL
Siemens CP 1604 and CP 1616 Firmware - Exposure of Sensitive Information and Denial of Service via Telnet Port
CVSS 9.1
CVE-2018-6239 MEDIUM
NVIDIA Jetson TX2 < R28.3 - Unauthorized Information Disclosure via Speculative Execution
CVSS 5.5
CVE-2018-13366 MEDIUM
Fortinet FortiOS <= 5.6.7 - Information Disclosure via PPTP Hostname Field
CVSS 5.3
CVE-2018-1999 MEDIUM
IBM Business Automation Workflow <18.0.0.3 - Info Disclosure
CVSS 4.3
CVE-2018-1885 MEDIUM
IBM Business Automation Workflow 18.0.0.0-18.0.0.2 - Unauthenticated Exposure of Sensitive Information via HTTP Request
CVSS 5.3
CVE-2018-20449 MEDIUM
Linux Kernel 4.14.90 - Exposure of Sensitive Information via hidma_chan_stats Debugfs File
CVSS 5.5
CVE-2018-11971 MEDIUM
Snapdragon Auto - Info Disclosure
CVSS 5.5
CVE-2018-4445 MEDIUM
Safari < 12.0.2 and iPhone OS < 12.1.1 - Unauthorized Exposure of Sensitive Browsing History
CVSS 4.3
CVE-2018-4431 MEDIUM
iPhone OS < 12.1.1 - Unprotected User Data Exposure via Memory Initialization Issue
CVSS 5.5
CVE-2018-4430 LOW
iPhone OS < 12.1.1 - Unauthorized Contact Access via Lock Screen Bypass
CVSS 2.4
CVE-2018-4403 MEDIUM
macOS < 10.14.1 - Unprotected User Data Exposure via Entitlement Misconfiguration
CVSS 5.5
CVE-2018-4388 MEDIUM
iPhone OS < 12.1 - Unauthenticated Exposure of Sensitive Information via Lock Screen Share Function
CVSS 4.6
CVE-2018-4387 LOW
iPhone OS < 12.1 - Unauthorized Photo Access via Reply With Message
CVSS 2.4
CVE-2018-4380 MEDIUM
iPhone OS < 12.1 - Unauthorized Access to Photos and Contacts via Lock Screen
CVSS 5.5
CVE-2018-4379 MEDIUM
iPhone OS < 12.0.1 - Unauthorized Access to Share Function via Lock Screen
CVSS 5.5
CVE-2018-4355 MEDIUM
iPhone OS < 12.0 and macOS < 10.14 - Unauthorized Exposure of Sensitive Information
CVSS 5.5
CVE-2018-4352 LOW
iPhone OS < 12.0 - Unauthorized Sensitive Information Exposure via Application Snapshots
CVSS 3.3
CVE-2018-4325 LOW
iPhone OS < 12.0 - Unauthorized Exposure of Sensitive Information
CVSS 2.4
CVE-2018-4311 HIGH
Safari < 12 - Exposure of Sensitive Information via Origin Information
CVSS 8.1
CVE-2018-4300 MEDIUM
CUPS < 2.2.10 - Unauthenticated Exposure of Sensitive Information via Weak Session Cookie
CVSS 5.9
CVE-2018-4289 MEDIUM
macOS < 10.13.6 - Unprotected User Data Exposure
CVSS 5.5
CVE-2018-4052 MEDIUM
GOG Galaxy Games 1.2.47 - Local Information Leak via Privileged Helper Tool
CVSS 5.5
CVE-2018-1917 LOW
IBM InfoSphere Information Server <11.8 - Info Disclosure
CVSS 3.5
CVE-2018-1874 MEDIUM
IBM API Connect 5.0.0.0-5.0.8.5 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 4.6
CVE-2018-1625 MEDIUM
IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 - Exposure of Sensitive Information via Error Message
CVSS 4.3
Details
Vulnerabilities 10,157
Exploit Likelihood High