CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,167 vulnerabilities with CWE-200
CVE-2018-1999006 MEDIUM
Jenkins <2.132-2.121.1 - Info Disclosure
CVSS 4.3
CVE-2018-1999009 HIGH
October CMS < 1.0.437 - Local File Inclusion and Remote Code Execution via ViewMaker.php
CVSS 8.1
CVE-2018-1679 MEDIUM
IBM Sterling B2B Integrator <5.2.6 - Info Disclosure
CVSS 5.3
CVE-2018-1564 MEDIUM
IBM Sterling B2B Integrator 5.2.0.1-5.2.6.2 - Authenticated Exposure of Sensitive Information via Debugging Messages
CVSS 4.4
CVE-2018-1470 MEDIUM
IBM Sterling File Gateway <2.2.7 - Info Disclosure
CVSS 4.3
CVE-2018-1398 MEDIUM
IBM Sterling File Gateway <2.2.7 - Info Disclosure
CVSS 5.3
CVE-2018-1587 MEDIUM
IBM Rational Rhapsody/Design Manager 5.0-5.0.2/6.0-6.0.5 Info Disclosure via Error Messages
CVSS 4.3
CVE-2018-1612 MEDIUM
IBM QRadar SIEM 7.2-7.3 - Unauthenticated Exposure of Sensitive Information
CVSS 5.8
CVE-2018-13860 HIGH
Trivum C4 Professional Firmware < V9.34 - Unauthenticated Sensitive Information Exposure
CVSS 7.5
CVE-2018-14333 HIGH
TeamViewer <13.1.1548 - Info Disclosure
CVSS 8.1
CVE-2018-10857 MEDIUM
git-annex - Exposure of Sensitive Information via Localhost or LAN Web Server
CVSS 5.9
CVE-2018-10859 MEDIUM
git-annex - Information Exposure via Malicious Special Remote Server
CVSS 5.9
CVE-2018-0368 HIGH
Cisco Application Policy Infrastructu... - Information Disclosure
CVSS 7.8
CVE-2018-8024 MEDIUM
Apache Spark 2.1.0-2.1.2, 2.2.0-2.2.1, 2.3.0 - Cross-Site Scripting via Job and Stage Info Pages
CVSS 5.4
CVE-2018-1334 MEDIUM
Apache Spark 1.0.0-2.1.2, 2.2.0-2.2.1, 2.3.0 - Unauthorized User Impersonation via Local Connection
CVSS 4.7
CVE-2018-8325 MEDIUM
Microsoft Edge - Information Disclosure via Memory Handling Issue
CVSS 4.3
CVE-2018-8324 MEDIUM
Microsoft Edge - Information Disclosure via Improper Memory Handling
CVSS 4.3
CVE-2018-8305 MEDIUM
Windows Mail Client - Info Disclosure
CVSS 6.5
CVE-2018-8297 MEDIUM
Microsoft Edge - Information Disclosure via Improper Memory Handling
CVSS 4.3
CVE-2018-8289 MEDIUM
Microsoft Edge - Information Disclosure via Improper Memory Handling
CVSS 4.3
CVE-2018-3652 HIGH
Intel Xeon E3 5th-6th Gen - Exposure of Sensitive Information via DCI Debug Interface
CVSS 7.6
CVE-2018-3619 MEDIUM
Intel Core i7 and Core i5 - Unauthorized Data Exposure via Physical Access to Optane Memory Module
CVSS 4.6
CVE-2018-10890 MEDIUM
moodle < 3.1.13 - Exposure of Sensitive Information via Web Service
CVSS 4.3
CVE-2018-1423 MEDIUM
IBM Jazz Foundation - Info Disclosure
CVSS 4.3
CVE-2018-1337 CRITICAL
Apache Directory LDAP API < 1.0.2 - Exposure of Sensitive Information via TLS Handshake Bypass
CVSS 9.8
Details
Vulnerabilities 10,167
Exploit Likelihood High