CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,167 vulnerabilities with CWE-200
CVE-2018-15684
MEDIUM
BTITeam XBTIT < 2.5.4 - Sensitive Information Exposure via PHP Error Logs
CVSS 5.3
CVE-2018-16539
MEDIUM
Artifex Ghostscript < 9.24 - Unauthorized File Read via Temp File Handling
CVSS 5.5
CVE-2018-1353
MEDIUM
Fortinet FortiManager < 6.0.1 - Unauthorized Interface Settings Exposure via ADOM Assignment
CVSS 4.3
CVE-2018-7938
LOW
P10 Huawei <Victoria-AL00AC00B217 - Info Disclosure
CVSS 3.3
CVE-2018-10927
HIGH
Debian Linux < 3.12.14 - Information Disclosure
CVSS 8.1
CVE-2018-10913
MEDIUM
glusterfs 3.12.0-3.12.13 - Information Disclosure via Xattr Request
CVSS 6.5
CVE-2018-10911
HIGH
glusterfs 3.12.0-3.12.13 - Integer Overflow in dic_unserialize Function
CVSS 7.5
CVE-2018-16323
MEDIUM
ImageMagick < 6.9.10-9 - Information Exposure via XBM Image Processing
CVSS 6.5
CVE-2018-6259
LOW
NVIDIA GeForce Experience < 3.14.1 - Information Disclosure via GameStream
CVSS 2.5
CVE-2018-15364
MEDIUM
Trend Micro OfficeScan XG 12.0 - Info Disclosure
CVSS 4.7
CVE-2018-14902
HIGH
EPSON iPrint <6.6.3 - Info Disclosure
CVSS 7.5
CVE-2018-13391
MEDIUM
Atlassian Jira < 7.6.8, 7.7.0-7.7.4, 7.8.0-7.8.4, 7.9.0-7.9.2, 7.10.0-7.10.2, 7.11.0-7.11.1 - Email Address Exposure
CVSS 5.3
CVE-2018-1705
MEDIUM
IBM Platform Symphony 7.1, 7.1.1 & IBM Spectrum Symphony 7.1.2, 7.2.0.2 - Sensitive Info Exposure
CVSS 6.5
CVE-2018-15919
MEDIUM
OpenSSH 5.9-7.8 - User Enumeration via GSS2 Authentication
CVSS 5.3
CVE-2018-1644
LOW
IBM WebSphere Commerce 7.0.0.0-9.0.0.4 - Authenticated Exposure of Sensitive Information
CVSS 3.1
CVE-2018-15698
MEDIUM
ASUSTOR Data Master < 3.1.5 - Authenticated Arbitrary File Read via loginimage.cgi
CVSS 6.5
CVE-2018-15697
MEDIUM
ASUSTOR Data Master < 3.1.5 - Authenticated Arbitrary File Read via Share Path
CVSS 6.5
CVE-2018-15696
MEDIUM
ASUSTOR Data Master < 3.1.5 - Authenticated User Enumeration via user.cgi
CVSS 4.3
CVE-2018-11654
HIGH
Netwave IP Camera Firmware - Unauthenticated Sensitive Information Exposure via get_status.cgi
CVSS 7.5
CVE-2018-11653
CRITICAL
Netwave IP Camera - Unauthenticated Sensitive Information Exposure via RT2870STA.dat
CVSS 9.8
CVE-2018-1755
MEDIUM
IBM WebSphere Application Server Liberty - Sensitive Information Exposure via JASPIC Authentication
CVSS 5.9
CVE-2018-1999046
MEDIUM
Jenkins <2.137-2.121.2 - Info Disclosure
CVSS 4.3
CVE-2018-10919
MEDIUM
Canonical Ubuntu Linux < 4.6.16 - Information Disclosure
CVSS 4.3
CVE-2018-15668
MEDIUM
Bloop Airmail 3 3.5.9 - Unauthenticated Exposure of Sensitive Information via airmail:// URL Scheme
CVSS 5.3
CVE-2018-15661
HIGH
Ola Money 1.9.0 - Authentication Bypass via Forgot Password Screen
CVSS 7.5
Details
Vulnerabilities
10,167
Exploit Likelihood
High