CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,161 vulnerabilities with CWE-200
CVE-2018-12374
MEDIUM
Thunderbird < 52.9 - Info Disclosure
CVSS 4.3
CVE-2018-12373
MEDIUM
Thunderbird < 52.9 - Info Disclosure
CVSS 6.5
CVE-2018-12372
MEDIUM
Thunderbird < 52.9 - Info Disclosure
CVSS 6.5
CVE-2018-12365
MEDIUM
Thunderbird/Firefox < 60/61/<52.9 - Info Disclosure
CVSS 6.5
CVE-2018-12358
MEDIUM
Firefox < 61.0 - Exposure of Sensitive Information via Service Worker Redirection
CVSS 4.3
CVE-2018-0442
HIGH
Cisco Wireless LAN Controller < 8.2.170.0 - Memory Exposure via CAPWAP Keepalive
CVSS 7.5
CVE-2018-14597
MEDIUM
CA Technologies - Info Disclosure
CVSS 5.3
CVE-2018-18376
HIGH
Orange AirBox Y858_FL_01.16_04 - Exposure of Sensitive Information via getWlanClientInfo Endpoint
CVSS 7.5
CVE-2018-18073
MEDIUM
Artifex Ghostscript < 9.25 - Sandbox Protection Bypass via Exposed System Operators
CVSS 6.3
CVE-2018-18289
HIGH
MESILAT Zabbix Plugin < 1.1.15 - Arbitrary File Read
CVSS 7.5
CVE-2018-18287
MEDIUM
ASUS RT-AC58U 3.0.0.4.380_6516 Sensitive Info Exposure via Main_Login.asp
CVSS 5.3
CVE-2018-8890
HIGH
BlackBerry UEM <12.8.1 - Info Disclosure
CVSS 7.5
CVE-2018-1838
MEDIUM
IBM WebSphere Application Server 8.5 and 9.0 - Exposure of Sensitive Information via Improper Password Handling
CVSS 5.3
CVE-2018-1708
MEDIUM
IBM Spectrum Symphony 7.1.2 and 7.2.0.2 - Authenticated Exposure of Sensitive Information via WebUI
CVSS 6.5
CVE-2018-12161
MEDIUM
Intel Rapid Web Server 3 - Info Disclosure
CVSS 6.5
CVE-2018-12158
MEDIUM
Intel NUC FW <May 24, 2018 - DoS/Info Disclosure
CVSS 6.0
CVE-2018-17917
MEDIUM
Xiongmai XMeye P2P Cloud Server - Predictable Cloud ID Enumeration via MAC Address
CVSS 5.3
CVE-2018-8472
MEDIUM
Windows GDI - Information Disclosure via Memory Object Handling
CVSS 5.5
CVE-2018-8427
MEDIUM
Microsoft Graphics Components - Info Disclosure
CVSS 5.5
CVE-2018-8330
MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Handling
CVSS 5.5
CVE-2018-8292
HIGH
.NET Core 1.0, 1.1, 2.1 and PowerShell Core 6.0 - Information Disclosure via Redirect
CVSS 7.5
CVE-2018-1753
MEDIUM
IBM Security Key Lifecycle Manager 2.6-2.6.0.3 - Exposure of Sensitive Information via Error Message
CVSS 4.3
CVE-2018-1743
MEDIUM
IBM Security Key Lifecycle Manager 2.6.0-2.6.0.3 - Exposure of Sensitive Information
CVSS 5.3
CVE-2018-1000803
MEDIUM
Gitea < 1.5.1 - Unauthorized Exposure of Private Email Addresses via Repository Watch Notifications
CVSS 5.3
CVE-2018-15433
MEDIUM
Cisco Prime Infrastructure - Authenticated Exposure of Sensitive Information via GET Request
CVSS 4.3
Details
Vulnerabilities
10,161
Exploit Likelihood
High