CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,160 vulnerabilities with CWE-200
CVE-2018-20154 MEDIUM
WP Maintenance Mode <2.0.7 - Info Disclosure
CVSS 4.3
CVE-2018-20151 HIGH
WordPress <4.9.9, 5.x <5.0.1 - Info Disclosure
CVSS 7.5
CVE-2018-19413 MEDIUM
SonarSource SonarQube <7.4 - Info Disclosure
CVSS 4.3
CVE-2018-19039 MEDIUM
Grafana < 4.6.5 and 5.x < 5.3.3 - Authenticated Arbitrary File Read
CVSS 6.5
CVE-2018-12076 MEDIUM
Avanti Markets MarketCard - Info Disclosure
CVSS 4.2
CVE-2018-1886 MEDIUM
IBM Security Access Manager 9.0.1.0-9.0.5.0 - Exposure of Sensitive Information
CVSS 5.3
CVE-2018-1805 MEDIUM
IBM Security Access Manager 9.0.1.0-9.0.5.0 - Exposure of Sensitive Information via Error Message
CVSS 4.3
CVE-2018-13811 MEDIUM
SIMATIC STEP 7 (TIA Portal) < V15.1 - Sensitive Information Exposure via Weak Password Hash
CVSS 5.5
CVE-2018-8033 HIGH
Apache OFBiz 16.11.01-16.11.04 - Info Disclosure
CVSS 7.5
CVE-2018-15718 HIGH
Opendental < 18.4 - Information Disclosure
CVSS 7.5
CVE-2018-1481 LOW
IBM BigFix Platform <9.2.14, <9.5.9 - Info Disclosure
CVSS 3.7
CVE-2018-1476 MEDIUM
IBM BigFix Platform <9.2.14, <9.5.9 - Info Disclosure
CVSS 5.3
CVE-2018-15328 HIGH
BIG-IP 11.2.1-11.6.3 - Exposure of Sensitive Information via SNMPv3 Passphrase Storage
CVSS 7.5
CVE-2018-8580 MEDIUM
Microsoft SharePoint - Info Disclosure
CVSS 4.3
CVE-2018-19968 MEDIUM
phpMyAdmin <4.8.4 - Info Disclosure
CVSS 6.5
CVE-2018-15800 HIGH
Cloud Foundry Bits Service < 2.18.0 - Timing Attack Leading to Signing Key Disclosure
CVSS 8.1
CVE-2018-3988 MEDIUM
Signal Messenger for Android 4.24.8 - Unauthorized Exposure of Sensitive Information via Photo Cache
CVSS 4.7
CVE-2018-1957 MEDIUM
IBM WebSphere App Server 9 - Info Disclosure
CVSS 4.0
CVE-2018-1000862 MEDIUM
Jenkins < 2.138.4 - Information Exposure via DirectoryBrowserSupport
CVSS 4.3
CVE-2018-19962 HIGH
Xen < 4.11.1 - Exposure of Sensitive Information via IOMMU Mapping Combination
CVSS 7.8
CVE-2018-1663 MEDIUM
IBM DataPower Gateways <7.6 - Info Disclosure
CVSS 5.9
CVE-2018-16603 MEDIUM
Amazon Web Services FreeRTOS < 1.3.1 and FreeRTOS < 10.0.1 - Information Exposure via TCP Packet Processing
CVSS 5.9
CVE-2018-16602 MEDIUM
Amazon Web Services FreeRTOS < 1.3.1 and FreeRTOS < 10.0.1 - Information Disclosure via DHCP Response Parsing
CVSS 5.9
CVE-2018-16600 MEDIUM
Amazon Web Services FreeRTOS < 1.3.1 and FreeRTOS < 10.0.1 - Information Disclosure via ARP Packet Parsing
CVSS 5.9
CVE-2018-16599 MEDIUM
Amazon Web Services FreeRTOS < 1.3.1 and FreeRTOS < 10.0.1 - Information Disclosure via NBNS Packet Parsing
CVSS 5.9
Details
Vulnerabilities 10,160
Exploit Likelihood High