CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,161 vulnerabilities with CWE-200
CVE-2018-15967
HIGH
Adobe Flash Player < 31.0.0.108 - Information Disclosure
CVSS 7.5
CVE-2018-15964
HIGH
Adobe ColdFusion 2018.0.0.310739 (Update 6 and earlier, Update 14 and earlier) - Information Disclosure
CVSS 7.5
CVE-2018-15962
MEDIUM
Adobe ColdFusion 2018.0.0.310739 Update 6 and earlier - Directory Listing Information Disclosure
CVSS 5.3
CVE-2018-10498
MEDIUM
Samsung Email <5.0.02.16 - Info Disclosure
CVSS 5.5
CVE-2018-15615
HIGH
Avaya Call Management System Supervisor R17.0.x and R18.0.x - Local Sensitive Information Exposure
CVSS 7.2
CVE-2018-17404
MEDIUM
SBIbuddy 1.41-1.42 - Exposure of Sensitive Information
CVSS 5.3
CVE-2018-17402
MEDIUM
PhonePe wallet <3.3.26 - Info Disclosure
CVSS 5.3
CVE-2018-14731
HIGH
Parcel parcel-bundler - Info Disclosure
CVSS 7.5
CVE-2018-14730
HIGH
browserify-hmr < 0.4.0 - Unauthenticated Exposure of Sensitive Information via WebSocket Server
CVSS 7.5
CVE-2018-8023
MEDIUM
Apache Mesos <1.4.2, 1.5.0, 1.5.1, 1.6.0 - Timing Attack
CVSS 5.9
CVE-2018-1685
MEDIUM
IBM DB2 9.7, 10.1, 10.5, 11.1 - Unauthorized File Read via db2cacpy
CVSS 5.5
CVE-2018-1800
MEDIUM
IBM Sterling B2B Integrator 5.2.6.0 and 6.2.6.1 - Exposure of Sensitive Information During Installation
CVSS 5.1
CVE-2018-3831
HIGH
Elasticsearch 5.6.0-5.6.11 - Authenticated Exposure of Sensitive Information via _cluster/settings API
CVSS 8.8
CVE-2018-3826
MEDIUM
Elasticsearch 6.0.0-beta1-6.2.4 - Exposure of Sensitive Information via _snapshot API
CVSS 6.5
CVE-2018-16671
MEDIUM
CIRCONTROL CirCarLife <4.3 - Info Disclosure
CVSS 5.3
CVE-2018-11275
MEDIUM
Android - Exposure of Sensitive Information via FastbootLib Image Flashing
CVSS 5.5
CVE-2018-14642
MEDIUM
Undertow < 2.0.19.FINAL - Information Disclosure via Write Buffer Flush
CVSS 5.3
CVE-2018-16959
MEDIUM
Oracle WebCenter Interaction Portal 10.3.3 - Info Disclosure
CVSS 5.3
CVE-2018-17091
MEDIUM
i4a donlinkage 6.6.8 - Exposure of Sensitive Information via Direct Request for temporary.txt
CVSS 5.4
CVE-2018-16288
HIGH
LG SuperSign CMS - Unauthenticated Arbitrary File Read via signEzUI Playlist Upload Path Traversal
CVSS 8.6
CVE-2018-1698
MEDIUM
IBM Maximo Asset Mgmt <7.6.3 - Info Disclosure
CVSS 5.3
CVE-2018-15310
MEDIUM
BIG-IP APM portal access <12.1.3 - Info Disclosure
CVSS 4.3
CVE-2018-8452
MEDIUM
Internet Explorer and Microsoft Edge - Information Disclosure via Scripting Engine Memory Handling
CVSS 4.3
CVE-2018-8446
MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Object Handling
CVSS 5.5
CVE-2018-8445
MEDIUM
Windows 10 and Windows Server - Kernel Information Disclosure via Memory Object Handling
CVSS 5.5
Details
Vulnerabilities
10,161
Exploit Likelihood
High