CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,157 vulnerabilities with CWE-200
CVE-2018-1623
MEDIUM
IBM Security Privileged Identity Manager 2.2.1 - Sensitive Information Exposure via Local Storage
CVSS 4.0
CVE-2018-13297
MEDIUM
Synology Drive < 1.1.2-10562 - Information Exposure via dsm_path Parameter
CVSS 5.3
CVE-2018-13295
MEDIUM
Synology Application Service < 1.5.4-0320 - Authenticated Information Exposure via Version Parameter
CVSS 4.3
CVE-2018-13294
MEDIUM
Synology Application Service < 1.5.4-0320 - Authenticated Information Exposure via uid Parameter
CVSS 4.3
CVE-2018-13292
MEDIUM
Synology Router Manager < 1.1.7-6941-2 - Sensitive Information Exposure via World-Readable Mount Configuration
CVSS 4.3
CVE-2018-13291
MEDIUM
Synology DiskStation Manager 5.2-6.2.1-23824 - Authenticated Sensitive Information Exposure via Mount Configuration
CVSS 4.3
CVE-2018-13290
MEDIUM
Synology Router Manager < 1.1.7-6941-2 - Authenticated Information Exposure via file_path Parameter
CVSS 4.3
CVE-2018-13289
MEDIUM
Synology Router Manager < 1.1.7-6941-2 - Information Exposure via Folder Path Parameter
CVSS 5.3
CVE-2018-13288
MEDIUM
Synology File Station < 1.1.5-0125 - Exposure of Sensitive Information via folder_path or real_path Parameter
CVSS 5.3
CVE-2018-19643
MEDIUM
Micro Focus SBM <11.5 - Info Disclosure
CVSS 4.7
CVE-2018-20555
CRITICAL
Design Chemical Social Network Tabs 1.7.1 - Exposure of Sensitive Twitter Credentials via dcwp_twitter.php
CVSS 9.8
CVE-2018-19487
HIGH
WP-jobhunt < 2.4 - Unauthenticated User Information Enumeration via admin-ajax.php
CVSS 7.5
CVE-2018-18762
MEDIUM
SaltOS 3.1 r8126 - Unauthenticated Database Download
CVSS 6.5
CVE-2018-17502
MEDIUM
The Receptionist for iPad - Info Disclosure
CVSS 4.0
CVE-2018-17484
MEDIUM
Lobby Track Desktop - Info Disclosure
CVSS 4.0
CVE-2018-17483
LOW
Lobby Track Desktop - Info Disclosure
CVSS 2.9
CVE-2018-17482
MEDIUM
Lobby Track Desktop - Info Disclosure
CVSS 4.0
CVE-2018-15532
LOW
Synaptics Touchpad Driver < 2018-06-06 - Exposure of Sensitive Information via Freed Kernel Address
CVSS 3.8
CVE-2018-18205
HIGH
Topvision CC8800 CMTS C-E - Exposure of Sensitive Information via Direct Request
CVSS 7.5
CVE-2018-17956
HIGH
yast2-samba-provision <= 1.0.1 - Local Password Exposure via Command Line
CVSS 7.8
CVE-2018-1929
MEDIUM
IBM Rational Engineering Lifecycle Manager <6.0.6 - Info Disclosure
CVSS 4.3
CVE-2018-12224
LOW
Intel Graphics Driver - Information Disclosure via Buffer Leakage in igdkm64.sys
CVSS 3.3
CVE-2018-17944
MEDIUM
Lexmark CX725h/CX820/CX825/CX860/XC4150/XC6152/XC8155/XC8160 Firmware - Unauthenticated LDAP/SMTP Credential Exposure
CVSS 4.9
CVE-2018-2009
MEDIUM
IBM API Connect 2018.1-2018.4.1 - Unauthorized Information Disclosure via Consumer API
CVSS 6.5
CVE-2018-1902
LOW
IBM WebSphere App Server <9.0 - Info Disclosure
CVSS 3.1
Details
Vulnerabilities
10,157
Exploit Likelihood
High