CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2018-3652
HIGH
Intel Xeon E3 5th-6th Gen - Exposure of Sensitive Information via DCI Debug Interface
CVSS 7.6
CVE-2018-3619
MEDIUM
Intel Core i7 and Core i5 - Unauthorized Data Exposure via Physical Access to Optane Memory Module
CVSS 4.6
CVE-2018-10890
MEDIUM
moodle < 3.1.13 - Exposure of Sensitive Information via Web Service
CVSS 4.3
CVE-2018-1423
MEDIUM
IBM Jazz Foundation - Info Disclosure
CVSS 4.3
CVE-2018-1337
CRITICAL
Apache Directory LDAP API < 1.0.2 - Exposure of Sensitive Information via TLS Handshake Bypass
CVSS 9.8
CVE-2018-4993
HIGH
Adobe Acrobat DC < 15.006.30417, 15.008.20082-18.011.20038 - NTLM SSO Hash Theft
CVSS 7.5
CVE-2018-4965
HIGH
Adobe Acrobat DC < 15.006.30418, 17.011.30080, 18.011.20040 - Memory Corruption and Information Disclosure
CVSS 7.5
CVE-2018-1548
MEDIUM
IBM API Connect 2018.1.0.0-2018.2.4 - Authenticated Exposure of Sensitive Information
CVSS 4.3
CVE-2018-1000402
MEDIUM
Jenkins AWS CodeDeploy Plugin <1.19 - Info Disclosure
CVSS 4.3
CVE-2018-5892
HIGH
Qualcomm Snapdragon Mobile and Wear Firmware - Unauthorized User Behavior Data Collection via Touch Pal
CVSS 7.5
CVE-2018-1546
MEDIUM
IBM API Connect 5.0.0.0-5.0.8.3 - Exposure of Sensitive Information via Missing HSTS Enforcement
CVSS 5.9
CVE-2018-9998
MEDIUM
Open-Xchange App Suite Information Disclosure via Task API Folder Parameter
CVSS 6.5
CVE-2018-12021
MEDIUM
Singularity 2.3.0-2.5.1 - Unauthorized Sensitive Information Exposure via Overlay File System
CVSS 6.5
CVE-2018-9185
HIGH
Fortinet FortiOS < 6.0.0 - Unauthenticated Exposure of Web Portal Credentials via Single Sign-On Bookmark Feature
CVSS 8.1
CVE-2018-13123
CRITICAL
OneFileCMS < 2017-10-09 - Unauthenticated Arbitrary File Read via i and f Parameters
CVSS 9.8
CVE-2018-7776
MEDIUM
Schneider Electric U.motion Builder <1.3.4 - Info Disclosure
CVSS 4.3
CVE-2018-10596
HIGH
Medtronic 2090 CareLink Programmer - SSRF
CVSS 7.1
CVE-2018-12892
CRITICAL
Xen 4.7-4.10.x - Privilege Escalation
CVSS 9.9
CVE-2018-12990
MEDIUM
phpwcms 1.8.9 - Exposure of Sensitive Information via CSRF Token Validation
CVSS 5.3
CVE-2018-12997
HIGH
Zohocorp Firewall Analyzer - Information Disclosure
CVSS 7.5
CVE-2018-12927
HIGH
Northern Electric & Power Inverter Firmware - Unauthenticated Sensitive Information Exposure via nep/status/index/1 URI
CVSS 7.5
CVE-2018-12926
HIGH
Pharos Controls Firmware - Unauthenticated Sensitive Information Exposure via Default URI
CVSS 7.5
CVE-2018-12923
HIGH
BWS Systems HA-Bridge - Exposure of Sensitive Information via Direct Request to #!/system URI
CVSS 7.5
CVE-2018-12921
HIGH
Electro Industries GaugeTech Nexus Firmware - Unauthenticated Sensitive Information Exposure via Direct URI Request
CVSS 7.5
CVE-2018-12920
HIGH
FLIR Brickstream 2300 Firmware - Unauthenticated Sensitive Information Exposure via Direct URI Request
CVSS 7.5
Details
Vulnerabilities
10,172
Exploit Likelihood
High