CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,161 vulnerabilities with CWE-200
CVE-2018-9489
HIGH
Android 7.0-9.0 - Unauthenticated Exposure of Sensitive Wifi Network Information via Broadcast Intent
CVSS 7.5
CVE-2018-1606
MEDIUM
IBM Rational Collaborative Lifecycle Management 5.0-5.02 & 6.0-6.0.6 - Sensitive Info Exposure via Error Message
CVSS 4.3
CVE-2018-17907
LOW
Omron CX-Supervisor <3.4.1.0 - Info Disclosure
CVSS 3.3
CVE-2018-16849
LOW
Openstack-mistral - Info Disclosure
CVSS 3.1
CVE-2018-1878
MEDIUM
IBM Robotic Process Automation with Automation Anywhere 11 - Exposure of Sensitive Information via Web Request
CVSS 5.3
CVE-2018-3947
HIGH
Yi Home Camera 27US 1.8.7.0D - Unauthenticated Exposure of Sensitive Information via Network Traffic
CVSS 8.1
CVE-2018-3928
HIGH
Yi Home Camera 27US 1.8.7.0D - Denial of Service via UDP Packet Handling
CVSS 7.5
CVE-2018-13281
MEDIUM
Synology DiskStation Manager < 6.2-23739-2 - Authenticated Information Exposure via SYNO.Core.ACL file_path Parameter
CVSS 4.3
CVE-2018-16467
MEDIUM
Nextcloud Server < 14.0.0 - Unauthenticated Access to Password-Protected Share Previews
CVSS 5.3
CVE-2018-1380
LOW
IBM InfoSphere MDM CS <11.7 - Privilege Escalation
CVSS 2.7
CVE-2018-18778
MEDIUM
ACME mini-httpd < 1.30 - Unauthenticated Arbitrary File Read
CVSS 6.5
CVE-2018-18710
MEDIUM
Linux Kernel < 4.19 - Information Disclosure via cdrom_ioctl_select_disc
CVSS 5.5
CVE-2018-6559
LOW
Linux Kernel - Unauthorized File Name Exposure via overlayfs User Namespace Mount
CVSS 3.3
CVE-2018-18658
HIGH
Arcserve UDP - Unauthenticated Sensitive Information Exposure via FullUpdateSettings.xml
CVSS 7.5
CVE-2018-18657
HIGH
Arcserve UDP - Unauthenticated Sensitive Information Disclosure via /gateway/services/EdgeServiceImpl
CVSS 7.5
CVE-2018-11846
MEDIUM
Snapdragon Mobile - Info Disclosure
CVSS 4.7
CVE-2018-18655
MEDIUM
Prayer < 1.3.5 - Unauthenticated Exposure of Sensitive Information via Referer Header
CVSS 4.3
CVE-2018-18566
MEDIUM
Polycom VVX 500 and 601 Firmware < 5.8.0.12848 - Unauthenticated Sensitive Information Exposure via SIP Service
CVSS 5.3
CVE-2018-18467
HIGH
Conversations 2.3.4 - Exposure of Sensitive Information via Intent Spoofing
CVSS 7.5
CVE-2018-18428
HIGH
TP-Link TL-SC3130 1.6.18P12_121101 - Unauthenticated Exposure of Sensitive Information via RTSP Stream
CVSS 7.5
CVE-2018-12673
HIGH
SV3C H.264 POE IP Camera Firmware V2.3.4.2103-S50-NTD-B20170508B/B20170823B - Sensitive Information Exposure
CVSS 7.5
CVE-2018-12671
CRITICAL
SV3C H.264 PoE IP Camera Firmware V2.3.4.2103-S50-NTD-B20170508B/B20170823B - Sensitive Information Exposure
CVSS 9.8
CVE-2018-18390
HIGH
Moxa ThingsPro 2.1 - User Enumeration
CVSS 7.5
CVE-2018-15765
LOW
Dell EMC Secure Remote Services < 3.32.00.08 - Sensitive Information Exposure via Log File
CVSS 3.4
CVE-2018-18487
HIGH
Gxlcms v2.0 - Exposure of Sensitive Information via Predictable Database Backup Filename
CVSS 7.5
Details
Vulnerabilities
10,161
Exploit Likelihood
High