CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2018-1553
MEDIUM
IBM WebSphere Application Server Liberty < 18.0.0.2 - Sensitive Information Exposure via SAML Web SSO Exception Handling
CVSS 5.3
CVE-2018-1306
HIGH
Apache Pluto 3.0.0 - Exposure of Sensitive Information via File Upload Path Disclosure
CVSS 7.5
CVE-2018-5436
MEDIUM
TIBCO Spotfire <7.12.0, <7.8.1-7.12.0 - Info Disclosure
CVSS 6.5
CVE-2018-12908
CRITICAL
Brynamics - Exposure of Sensitive Information via Direct Request to /dashboard/deposit
CVSS 9.8
CVE-2018-12907
HIGH
rclone 1.42 - Unauthenticated Exposure of Sensitive Information via Google Cloud Storage API URL Field
CVSS 7.5
CVE-2018-1614
MEDIUM
IBM WebSphere App Server <9.0 - Info Disclosure
CVSS 5.8
CVE-2018-3760
HIGH
Redhat Cloudforms < 2.12.4 - Information Disclosure
CVSS 7.5
CVE-2018-4861
MEDIUM
SCALANCE M875 - Authenticated Path Traversal via Web Interface
CVSS 4.9
CVE-2018-10663
HIGH
Axis IP Cameras - Exposure of Sensitive Information via Incorrect Size Calculation
CVSS 7.5
CVE-2018-1000609
MEDIUM
Jenkins Configuration as Code Plugin <0.7-alpha - Info Disclosure
CVSS 6.5
CVE-2018-1000603
HIGH
Jenkins Openstack Cloud Plugin <2.35 - Info Disclosure
CVSS 8.8
CVE-2018-1000601
MEDIUM
Jenkins SSH Credentials Plugin <1.13 - Info Disclosure
CVSS 6.5
CVE-2018-1000600
HIGH
Jenkins GitHub Plugin <1.29.1 - Info Disclosure
CVSS 8.8
CVE-2018-1000549
MEDIUM
Wekan 1.04.0 - Email and Username Enumeration via Register and Forgot Password Pages
CVSS 5.3
CVE-2018-1000535
HIGH
lms <= LMS_011123 - Info Disclosure
CVSS 7.5
CVE-2018-10852
LOW
Debian Linux < 1.16.3 - Information Disclosure
CVSS 3.8
CVE-2018-0584
HIGH
IIJ SmartKey < 2.1.0 - Authentication Bypass
CVSS 7.5
CVE-2018-0575
MEDIUM
baserCMS 3.0.0-3.0.15 and 4.0.0-4.1.0.1 - Unauthorized File Access via Mail Form Bypass
CVSS 5.3
CVE-2018-0528
MEDIUM
Cybozu Office 10.0.0-10.7.0 - Authenticated Authentication Bypass
CVSS 4.3
CVE-2018-0526
MEDIUM
Cybozu Office 10.0.0-10.7.0 - Exposure of Sensitive Information via External Image Display
CVSS 4.3
CVE-2018-12735
HIGH
SAJ Solar Inverter - Info Disclosure
CVSS 7.5
CVE-2018-12716
MEDIUM
Google Home & Chromecast <mid-2018 - SSRF
CVSS 4.3
CVE-2018-12684
HIGH
CivetWeb <1.10 - DoS/Info Disclosure
CVSS 7.1
CVE-2018-1655
MEDIUM
IBM AIX 5.3, 6.1, 7.1, and 7.2 - Kernel Memory Exposure via rmsock Command
CVSS 4.0
CVE-2018-12634
CRITICAL
CirCarLife Scada <4.3 - Info Disclosure
CVSS 9.8
Details
Vulnerabilities
10,172
Exploit Likelihood
High