CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,160 vulnerabilities with CWE-200
CVE-2018-16527 MEDIUM
Amazon Web Services FreeRTOS < 1.3.1 and FreeRTOS < 10.0.1 - Information Disclosure via ICMP Packet Parsing
CVSS 5.9
CVE-2018-16524 MEDIUM
Amazon Web Services FreeRTOS < 1.3.1 and FreeRTOS < 10.0.1 - Information Disclosure in TCP Options Parsing
CVSS 5.9
CVE-2018-9554 MEDIUM
Android 7.0-8.1 - Unauthenticated Local Information Disclosure via IMediaExtractor Permissions Bypass
CVSS 5.5
CVE-2018-1935 MEDIUM
IBM Connections <6.0 - Info Disclosure
CVSS 4.3
CVE-2018-1505 MEDIUM
IBM i2 Enterprise Insight Analysis 2.1.7 - Unauthorized Exposure of Sensitive Information via Local Web Page Storage
CVSS 4.0
CVE-2018-12155 MEDIUM
Intel Integrated Performance Primitives < 2019 - Authenticated Information Disclosure via Cryptographic Library
CVSS 5.5
CVE-2018-15773 MEDIUM
Dell Encryption < 10.1.0 - Unauthorized Sensitive Information Exposure via RegBack Folder
CVSS 4.3
CVE-2018-1732 MEDIUM
IBM QRadar Advisor with Watson 1.1.0-1.14.0 - Exposure of Sensitive Information
CVSS 5.3
CVE-2018-1697 MEDIUM
IBM Maximo Asset Mgmt <7.6 - Info Disclosure
CVSS 4.3
CVE-2018-1568 MEDIUM
IBM QRadar Incident Forensics 7.2.0-7.2.8 - Exposure of Sensitive Information via Local Web Page Storage
CVSS 4.0
CVE-2018-18648 HIGH
GitLab 11.2.0-11.2.6, 11.3.0-11.3.7, 11.4.0-11.4.2 - Information Exposure Through Error Message
CVSS 7.5
CVE-2018-18645 MEDIUM
GitLab < 11.2.7, 11.3.x < 11.3.8, 11.4.x < 11.4.3 - Information Exposure via Unsubscribe Links in Email Replies
CVSS 4.3
CVE-2018-18644 MEDIUM
GitLab 11.x < 11.2.7, 11.3.x < 11.3.8, 11.4.x < 11.4.3 - Information Exposure via Prometheus Integration
CVSS 6.5
CVE-2018-18640 MEDIUM
GitLab < 11.2.7, 11.3.x < 11.3.8, 11.4.x < 11.4.3 - Information Exposure Through Browser Caching
CVSS 6.5
CVE-2018-17976 MEDIUM
GitLab 11.0.0-11.1.8 - Information Exposure via Epic Change Descriptions
CVSS 6.5
CVE-2018-17975 MEDIUM
GitLab 11.x < 11.1.8, 11.2.x < 11.2.5, 11.3.x < 11.3.2 - Information Exposure via GFM Markdown API
CVSS 5.3
CVE-2018-17939 HIGH
GitLab 11.1.x-11.1.8 11.2.x-11.2.5 11.3.x-11.3.2 - Information Exposure via Merge Request JSON Endpoint
CVSS 7.5
CVE-2018-5496 MEDIUM
Data ONTAP <8.2.5P2 - Info Disclosure
CVSS 4.4
CVE-2018-6099 MEDIUM
Google Chrome <66.0.3359.117 - Info Disclosure
CVSS 6.5
CVE-2018-6095 MEDIUM
Google Chrome <66.0.3359.117 - Info Disclosure
CVSS 6.5
CVE-2018-12318 HIGH
ASUSTOR ADM <3.1.1 - Info Disclosure
CVSS 8.8
CVE-2018-12308 MEDIUM
ASUSTOR ADM <3.1.1 - Info Disclosure
CVSS 6.5
CVE-2018-19854 MEDIUM
Linux kernel <4.19.3 - Info Disclosure
CVSS 4.7
CVE-2018-3854 HIGH
Quicken Deluxe 2018 for Mac 5.2.2 - Unauthenticated Exposure of Sensitive Information via SQLite Request
CVSS 7.1
CVE-2018-14702 HIGH
Drobo 5N2 NAS <4.0.5-13.28.96115 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities 10,160
Exploit Likelihood High