CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,161 vulnerabilities with CWE-200
CVE-2018-12374 MEDIUM
Thunderbird < 52.9 - Info Disclosure
CVSS 4.3
CVE-2018-12373 MEDIUM
Thunderbird < 52.9 - Info Disclosure
CVSS 6.5
CVE-2018-12372 MEDIUM
Thunderbird < 52.9 - Info Disclosure
CVSS 6.5
CVE-2018-12365 MEDIUM
Thunderbird/Firefox < 60/61/<52.9 - Info Disclosure
CVSS 6.5
CVE-2018-12358 MEDIUM
Firefox < 61.0 - Exposure of Sensitive Information via Service Worker Redirection
CVSS 4.3
CVE-2018-0442 HIGH
Cisco Wireless LAN Controller < 8.2.170.0 - Memory Exposure via CAPWAP Keepalive
CVSS 7.5
CVE-2018-14597 MEDIUM
CA Technologies - Info Disclosure
CVSS 5.3
CVE-2018-18376 HIGH
Orange AirBox Y858_FL_01.16_04 - Exposure of Sensitive Information via getWlanClientInfo Endpoint
CVSS 7.5
CVE-2018-18073 MEDIUM
Artifex Ghostscript < 9.25 - Sandbox Protection Bypass via Exposed System Operators
CVSS 6.3
CVE-2018-18289 HIGH
MESILAT Zabbix Plugin < 1.1.15 - Arbitrary File Read
CVSS 7.5
CVE-2018-18287 MEDIUM
ASUS RT-AC58U 3.0.0.4.380_6516 Sensitive Info Exposure via Main_Login.asp
CVSS 5.3
CVE-2018-8890 HIGH
BlackBerry UEM <12.8.1 - Info Disclosure
CVSS 7.5
CVE-2018-1838 MEDIUM
IBM WebSphere Application Server 8.5 and 9.0 - Exposure of Sensitive Information via Improper Password Handling
CVSS 5.3
CVE-2018-1708 MEDIUM
IBM Spectrum Symphony 7.1.2 and 7.2.0.2 - Authenticated Exposure of Sensitive Information via WebUI
CVSS 6.5
CVE-2018-12161 MEDIUM
Intel Rapid Web Server 3 - Info Disclosure
CVSS 6.5
CVE-2018-12158 MEDIUM
Intel NUC FW <May 24, 2018 - DoS/Info Disclosure
CVSS 6.0
CVE-2018-17917 MEDIUM
Xiongmai XMeye P2P Cloud Server - Predictable Cloud ID Enumeration via MAC Address
CVSS 5.3
CVE-2018-8472 MEDIUM
Windows GDI - Information Disclosure via Memory Object Handling
CVSS 5.5
CVE-2018-8427 MEDIUM
Microsoft Graphics Components - Info Disclosure
CVSS 5.5
CVE-2018-8330 MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Handling
CVSS 5.5
CVE-2018-8292 HIGH
.NET Core 1.0, 1.1, 2.1 and PowerShell Core 6.0 - Information Disclosure via Redirect
CVSS 7.5
CVE-2018-1753 MEDIUM
IBM Security Key Lifecycle Manager 2.6-2.6.0.3 - Exposure of Sensitive Information via Error Message
CVSS 4.3
CVE-2018-1743 MEDIUM
IBM Security Key Lifecycle Manager 2.6.0-2.6.0.3 - Exposure of Sensitive Information
CVSS 5.3
CVE-2018-1000803 MEDIUM
Gitea < 1.5.1 - Unauthorized Exposure of Private Email Addresses via Repository Watch Notifications
CVSS 5.3
CVE-2018-15433 MEDIUM
Cisco Prime Infrastructure - Authenticated Exposure of Sensitive Information via GET Request
CVSS 4.3
Details
Vulnerabilities 10,161
Exploit Likelihood High