CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,161 vulnerabilities with CWE-200
CVE-2018-6082 MEDIUM
Google Chrome <65.0.3325.146 - Info Disclosure
CVSS 4.7
CVE-2018-6079 MEDIUM
Google Chrome <65.0.3325.146 - Info Disclosure
CVSS 6.5
CVE-2018-6077 MEDIUM
Google Chrome <65.0.3325.146 - Info Disclosure
CVSS 6.5
CVE-2018-6075 MEDIUM
Google Chrome <65.0.3325.146 - Info Disclosure
CVSS 6.5
CVE-2018-6066 MEDIUM
Google Chrome <65.0.3325.146 - Info Disclosure
CVSS 6.5
CVE-2018-17468 MEDIUM
Chrome < 70.0.3538.67 - Cross-Origin URL Exposure via Timer Information Mishandling
CVSS 6.5
CVE-2018-3621 MEDIUM
Intel Driver & Support Assistant < 3.6.0.4 - Unauthenticated Information Disclosure via Adjacent Access
CVSS 6.5
CVE-2018-8565 MEDIUM
Windows - Kernel Information Disclosure in win32k Component
CVSS 5.5
CVE-2018-8558 MEDIUM
Office 365 ProPlus - Info Disclosure
CVSS 6.5
CVE-2018-8454 MEDIUM
Windows 10 and Windows Server 2016/2019 - Information Disclosure in Audio Service
CVSS 5.5
CVE-2018-6260 MEDIUM
NVIDIA GPU Driver - Local Exposure of Sensitive Application Data via GPU Performance Counters
CVSS 5.5
CVE-2018-15771 MEDIUM
Dell EMC RecoverPoint < 5.1.2.1 and RecoverPoint for VMs < 5.2.0.2 - Information Disclosure via Boxmgmt CLI
CVSS 5.5
CVE-2018-18591 MEDIUM
Micro Focus Service Manager 9.30-9.51 - Unauthorized Data Exposure
CVSS 6.8
CVE-2018-19246 HIGH
php-proxy 5.1.0 - Unauthenticated Local File Read via Default Config Key
CVSS 7.5
CVE-2018-19226 MEDIUM
LAOBANCMS 2.0 - Unauthenticated Sensitive Information Exposure via Direct File Access
CVSS 5.3
CVE-2018-19205 HIGH
Roundcube Webmail < 1.3.7 - Exposure of Sensitive Information via GnuPG MDC Integrity-Protection Mishandling
CVSS 7.5
CVE-2018-19194 MEDIUM
XiaoCms <20141229 - Info Disclosure
CVSS 5.3
CVE-2018-19148 LOW
Caddy < 0.11.0 - Sensitive Information Exposure via Invalid Host Header
CVSS 3.7
CVE-2018-19133 MEDIUM
Flarum Core 0.1.0-beta.7.1 - Exposure of Sensitive Information
CVSS 5.3
CVE-2018-1857 MEDIUM
IBM DB2 11.1 - Unauthorized Data Access via FGAC Bypass
CVSS 4.8
CVE-2018-19046 MEDIUM
keepalived 2.0.8 - Exposure of Sensitive Information via Temporary File Handling
CVSS 4.7
CVE-2018-19045 HIGH
keepalived 2.0.8 - Exposure of Sensitive Information via Temporary File Permissions
CVSS 7.5
CVE-2018-15446 MEDIUM
Cisco Meeting Server - Unauthenticated Exposure of Sensitive Meeting Information via Legacy Guest Access Mode
CVSS 5.3
CVE-2018-19075 MEDIUM
Opticam i5 and Foscam C2 - Unauthorized Information Exposure via Firewall Error Messages
CVSS 5.3
CVE-2018-18590 CRITICAL
Micro Focus Operations Bridge 2017.11, 2018.02, 2018.05, 2018.08 - Remote Code Execution and Information Disclosure
CVSS 9.6
Details
Vulnerabilities 10,161
Exploit Likelihood High