CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,160 vulnerabilities with CWE-200
CVE-2018-17944
MEDIUM
Lexmark CX725h/CX820/CX825/CX860/XC4150/XC6152/XC8155/XC8160 Firmware - Unauthenticated LDAP/SMTP Credential Exposure
CVSS 4.9
CVE-2018-2009
MEDIUM
IBM API Connect 2018.1-2018.4.1 - Unauthorized Information Disclosure via Consumer API
CVSS 6.5
CVE-2018-1902
LOW
IBM WebSphere App Server <9.0 - Info Disclosure
CVSS 3.1
CVE-2018-11783
HIGH
Apache Traffic Server 6.0.0-6.0.3 7.0.0-7.1.5 8.0.0-8.0.1 - Exposure of Sensitive Information via sslheaders Plugin
CVSS 7.5
CVE-2018-12400
MEDIUM
Firefox for Android < 63.0 - Exposure of Sensitive Information via Favicon Caching in Private Browsing Mode
CVSS 5.3
CVE-2018-12397
HIGH
Firefox < 63 - Unauthorized Local File Access via WebExtension
CVSS 7.1
CVE-2018-1775
MEDIUM
IBM Spectrum Virtualize 7.5-8.2 - Authenticated Arbitrary File Read
CVSS 6.5
CVE-2018-11845
MEDIUM
Qualcomm Snapdragon Firmware - Information Leak via Non-Time-Constant Comparison
CVSS 5.5
CVE-2018-1950
MEDIUM
IBM Security Identity Governance And Intelligence < 5.2.4.1 - Information Disclosure
CVSS 4.3
CVE-2018-1949
MEDIUM
IBM Security Identity Governance And Intelligence < 5.2.4.1 - Information Disclosure
CVSS 4.3
CVE-2018-12006
MEDIUM
Android - Unauthorized Data Access via Uninitialized Display Padding
CVSS 5.5
CVE-2018-20776
HIGH
Frog CMS 0.9.5 - Exposure of Sensitive Information via Directory Listing
CVSS 7.5
CVE-2018-1296
HIGH
Apache Hadoop 2.5.0-2.7.5 and 2.8.0-2.8.3 - Unauthorized Exposure of Extended Attributes
CVSS 7.5
CVE-2018-18334
HIGH
Trend Micro Dr. Safety < 3.0.1478 - Exposure of Sensitive Information via Same Origin Policy Bypass
CVSS 7.5
CVE-2018-15659
MEDIUM
42gears SureMDM < 6.35 - Unauthenticated Exposure of Sensitive Information via Silverlight Cross-Origin Access
CVSS 6.5
CVE-2018-15658
HIGH
42gears SureMDM < 2018-11-27 - Unauthenticated Exposure of Sensitive Information via Master Console Page
CVSS 7.5
CVE-2018-15656
HIGH
42gears SureMDM < 2018-11-27 - Unauthenticated User Enumeration via Registration API Email Parameter
CVSS 7.5
CVE-2018-15655
MEDIUM
42gears SureMDM < 6.35 - Unauthenticated Exposure of Sensitive Information via CORS Misconfiguration
CVSS 6.5
CVE-2018-1675
MEDIUM
IBM Tivoli Application Dependency Discovery Manager < 7.2.2.5 - Information Disclosure
CVSS 6.8
CVE-2018-18941
CRITICAL
Vignette Content Management 6 - Unauthenticated Administrator Password Exposure via User Edit Page
CVSS 9.8
CVE-2018-19440
MEDIUM
ARM Trusted Firmware-A - Info Disclosure
CVSS 5.3
CVE-2018-12610
MEDIUM
OX App Suite <7.8.4 - Info Disclosure
CVSS 5.3
CVE-2018-1976
MEDIUM
IBM API Connect <5.0.8.4 - Info Disclosure
CVSS 4.9
CVE-2018-16889
MEDIUM
Ceph < 13.2.4 - Sensitive Information Disclosure in Debug Logging
CVSS 5.5
CVE-2018-5497
MEDIUM
Clustered Data ONTAP <9.1P16-9.4P5 - Info Disclosure
CVSS 4.4
Details
Vulnerabilities
10,160
Exploit Likelihood
High