CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,160 vulnerabilities with CWE-200
CVE-2018-16870
MEDIUM
wolfssl < 3.15.7 - TLS Downgrade Attack via Bleichenbacher Attack Variant
CVSS 5.9
CVE-2018-16876
MEDIUM
ansible <2.5.14-2.7.5 - Info Disclosure
CVSS 5.3
CVE-2018-7900
MEDIUM
Huawei HG8010H/HG8040H/HG8110H/HG8240H/HG8242H/HG8045Q Firmware - Information Disclosure
CVSS 6.5
CVE-2018-20609
MEDIUM
imcat 4.4 - Exposure of Sensitive Information via check.php
CVSS 5.3
CVE-2018-20608
HIGH
imcat 4.4 - Unauthenticated Sensitive Information Exposure via adbug binfo.php
CVSS 7.5
CVE-2018-20607
MEDIUM
imcat 4.4 - Exposure of Sensitive Information via Debugging Endpoint
CVSS 5.3
CVE-2018-20606
HIGH
imcat 4.4 - Information Disclosure via dev.php URI
CVSS 7.5
CVE-2018-20602
HIGH
Lei Feng TV CMS 3.8.6 - Full Path Disclosure via /install.php
CVSS 7.5
CVE-2018-14986
HIGH
Leagoo Z5C Firmware - Unauthorized Exposure of SMS Data via Messaging Content Provider
CVSS 7.5
CVE-2018-14984
HIGH
Leagoo Z5C Firmware - Unauthenticated SMS Transmission via Exported Broadcast Receiver
CVSS 7.5
CVE-2018-14979
MEDIUM
ASUS ZenFone 3 Max - Info Disclosure
CVSS 4.7
CVE-2018-20571
HIGH
DamiCMS 6.0.1 - Unauthenticated Arbitrary File Read via Tpl/Add/id Parameter
CVSS 7.5
CVE-2018-20511
MEDIUM
Linux Kernel < 4.18.11 - Authenticated Kernel Address Exposure via SIOCFINDIPDDPRT ioctl
CVSS 5.5
CVE-2018-11741
CRITICAL
NEC Univerge SV9100 WebPro Firmware 6.00.00 - Account Information Disclosure via Predictable Session ID
CVSS 9.8
CVE-2018-20483
HIGH
GNU Wget < 1.20.1 - Sensitive Information Exposure via Extended File Attributes
CVSS 7.8
CVE-2018-20478
HIGH
S-CMS 1.0 - Unauthenticated Sensitive File Exposure via Mixed-Case Extension Bypass
CVSS 7.5
CVE-2018-8919
HIGH
Synology DiskStation Manager < 6.1.6-15266 - Credential Exposure via SYNO.Core.Desktop.SessionData
CVSS 8.3
CVE-2018-20371
CRITICAL
PhotoRange Photo Vault 1.2 - Exposure of Sensitive Information via Password in URI
CVSS 9.8
CVE-2018-18441
HIGH
D-Link DCS Series Firmware >= 1.00 - Unauthenticated Exposure of Sensitive Information via /common/info.cgi
CVSS 7.5
CVE-2018-17244
MEDIUM
Elasticsearch Security <6.4.2 - Info Disclosure
CVSS 6.5
CVE-2018-20307
MEDIUM
Pulse Secure Virtual Traffic Manager <9.9r2, 10.4r1 - Info Disclosure
CVSS 4.3
CVE-2018-16883
LOW
sssd 1.13.0-<2.0.0 - Unauthorized Information Exposure via Infopipe
CVSS 2.5
CVE-2018-7812
HIGH
Modicon M340-Quantum - Info Disclosure
CVSS 7.5
CVE-2018-19976
MEDIUM
YARA 3.8.1 - Exposure of Sensitive Information via Bytecode Environment Leak
CVSS 5.5
CVE-2018-20170
MEDIUM
OpenStack Keystone <14.0.1 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities
10,160
Exploit Likelihood
High