CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,167 vulnerabilities with CWE-200

CVE-2018-5995 MEDIUM (CVSS 5.5): Linux kernel <4.14.14 - Info Disclosure
CVE-2018-5953 MEDIUM (CVSS 5.5): Linux kernel <4.14.14 - Info Disclosure
CVE-2018-15132 HIGH (CVSS 7.5): PHP <5.6.37, <7.0.31, <7.1.20, <7.2.8 - Path Traversal
CVE-2018-7071 MEDIUM (CVSS 4.3): HPE Network Function Virtualization Director < 4.2.1 - Exposure of Sensitive Information via Remote Access
CVE-2018-7070 MEDIUM (CVSS 5.3): HPE CentralView Fraud Risk Management < 6.1 - Exposure of Sensitive Information
CVE-2018-1528 MEDIUM (CVSS 4.3): IBM Maximo Asset Management 7.6.0.0-7.6.3.0 - Authenticated Exposure of Sensitive Information via WhoAmI API
CVE-2018-14941 MEDIUM (CVSS 6.5): Harmonic NSG 9000 - Info Disclosure
CVE-2018-14928 HIGH (CVSS 7.5): Matera Banco - Information Exposure via ServletFileDownload
CVE-2018-1999041 MEDIUM (CVSS 5.5): Jenkins Tinfoil Security Plugin <1.6.1 - Info Disclosure
CVE-2018-1999040 HIGH (CVSS 8.8): Jenkins Kubernetes Plugin <1.10.1 - Info Disclosure
CVE-2018-1999033 MEDIUM (CVSS 6.5): Jenkins Anchore Container Image Scanner Plugin <= 10.16 - Exposure of Sensitive Information via AnchoreBuilder.java
CVE-2018-1999031 MEDIUM (CVSS 6.5): Jenkins meliora-testlab Plugin <1.14 - Info Disclosure
CVE-2018-1999030 MEDIUM (CVSS 5.4): Jenkins Maven Artifact ChoiceListProvider <1.3.1 - Info Disclosure
CVE-2018-1999028 HIGH (CVSS 8.8): Jenkins Accurev Plugin <0.7.16 - Info Disclosure
CVE-2018-14316 MEDIUM (CVSS 6.5): Foxit Reader 9.0.1.5096 - Info Disclosure
CVE-2018-11621 MEDIUM (CVSS 6.5): Foxit Reader and PhantomPDF < 9.1.0.5096 - Out-of-bounds Read in ConvertToPDF_x86.dll
CVE-2018-11620 MEDIUM (CVSS 6.5): Foxit Reader and PhantomPDF < 9.1.0.5096 - Out-of-bounds Read in ConvertToPDF_x86.dll
CVE-2018-5544 HIGH (CVSS 7.5): F5 BIG-IP APM <13.2 - Info Disclosure
CVE-2018-14432 MEDIUM (CVSS 5.3): OpenStack Keystone <13.0.0 - Auth Bypass
CVE-2018-14685 CRITICAL (CVSS 9.8): gxlcms 1.1.4 - Unauthenticated Arbitrary File Read via Admin-Tpl-ADD-id Parameter
CVE-2018-14602 HIGH (CVSS 7.5): GitLab <10.8.7, <11.0.5, <11.1.2 - Info Disclosure
CVE-2018-14083 HIGH (CVSS 7.5): LICA miniCMTS E8K - Info Disclosure
CVE-2018-10627 CRITICAL (CVSS 9.8): Echelon SmartServer <4.11.007, i.LON 100, i.LON - Info Disclosure
CVE-2018-5386 HIGH (CVSS 7.5): Navarino Infinity <2.2 - Info Disclosure
CVE-2018-14328 CRITICAL (CVSS 9.8): Brynamics Online Trade - Info Disclosure