CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,160 vulnerabilities with CWE-200
CVE-2018-0187 MEDIUM
Cisco Identity Services Engine - Authenticated Exposure of Sensitive Information via Admin Portal
CVSS 6.5
CVE-2018-2026 MEDIUM
IBM Financial Transaction Manager 3.2.1 - Authenticated Exposure of Sensitive Information via Directory Listing
CVSS 4.3
CVE-2018-19718 MEDIUM
Adobe Connect <9.8.1 - Info Disclosure
CVSS 5.3
CVE-2018-5738 MEDIUM
BIND 9.9.12-9.12.1-P2, 9.13.0 - Unintended Recursive Query Access Control Bypass
CVSS 5.3
CVE-2018-16866 LOW
systemd-journald <v239 - Info Disclosure
CVSS 3.3
CVE-2018-4217 HIGH
macOS High Sierra < 10.13.5 - Unauthorized Exposure of Open Directory Records
CVSS 7.5
CVE-2018-4186 HIGH
Safari < 11.1 - Information Leakage via Private Browsing Download Handling
CVSS 7.5
CVE-2018-4185 HIGH
iPhone OS < 11.3, macOS < 10.13.4, tvOS < 11.3, watchOS < 4.3 - Information Disclosure via State Transition
CVSS 7.5
CVE-2018-4179 MEDIUM
macOS High Sierra 10.13.0-10.13.3 - Unauthorized Smartcard PIN Exposure
CVSS 5.5
CVE-2018-15456 MEDIUM
Cisco Identity Services Engine - Authenticated Plaintext Password Exposure in Admin Portal
CVSS 4.3
CVE-2018-0474 HIGH
Cisco Unified Communications Manager - Authenticated Cleartext Credential Exposure in Web Management Interface
CVSS 8.8
CVE-2018-20681 MEDIUM
mate-screensaver < 1.20.2 - Unauthorized Screen Content Exposure via External Display Reconnection
CVSS 6.1
CVE-2018-16192 MEDIUM
Aterm WF1200CR Firmware < 1.1.1 and Aterm WG1200CR Firmware < 1.0.1 - Exposure of Sensitive Information
CVSS 6.5
CVE-2018-1000410 HIGH
Jenkins < 2.145 and LTS < 2.138.1 - Authenticated Exposure of Sensitive Information via Form Submission Handling
CVSS 7.8
CVE-2018-6179 MEDIUM
Google Chrome <68.0.3440.75 - Local File Access
CVSS 6.5
CVE-2018-6164 MEDIUM
Google Chrome <68.0.3440.75 - Info Disclosure
CVSS 6.5
CVE-2018-6147 MEDIUM
Google Chrome <67.0.3396.62 - Info Disclosure
CVSS 5.5
CVE-2018-6137 MEDIUM
Google Chrome < 67.0.3396.62 - Cross-Origin Data Leak via CSS Paint API
CVSS 6.5
CVE-2018-6117 MEDIUM
Google Chrome <66.0.3359.117 - Info Disclosure
CVSS 6.5
CVE-2018-6109 MEDIUM
Google Chrome <66.0.3359.117 - Info Disclosure
CVSS 6.5
CVE-2018-6093 MEDIUM
Google Chrome <66.0.3359.117 - Info Disclosure
CVSS 6.5
CVE-2018-16078 MEDIUM
Google Chrome < 69.0.3497.81 - Unsafe Credit Card Detail Handling in Autofill
CVSS 6.5
CVE-2018-1993 MEDIUM
IBM Spectrum Scale <5.0.0 - Info Disclosure
CVSS 4.0
CVE-2018-1932 MEDIUM
IBM API Connect <5.0.8.4 - Info Disclosure
CVSS 4.9
CVE-2018-3986 MEDIUM
Telegram 4.9.0 - Exposure of Sensitive Information via Secret Chats Photo Storage
CVSS 5.5
Details
Vulnerabilities 10,160
Exploit Likelihood High