CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,172 vulnerabilities with CWE-200
CVE-2018-12632 MEDIUM
Redatam < 7 - Information Disclosure via Invalid LFN Parameter
CVSS 5.3
CVE-2018-3665 MEDIUM
Intel Core i3 - Unauthorized Data Exposure via Lazy FP State Restore Side Channel
CVSS 5.6
CVE-2018-12594 HIGH
Reliable Controls MACH-ProWebCom 7.80 - Info Disclosure
CVSS 7.5
CVE-2018-12592 HIGH
Polycom RealPresence Web Suite <2.2.0 - Info Disclosure
CVSS 7.5
CVE-2018-12098 MEDIUM
liblnk <2018-04-19 - Info Disclosure
CVSS 5.5
CVE-2018-12097 MEDIUM
liblnk <2018-04-19 - Info Disclosure
CVSS 5.5
CVE-2018-11731 MEDIUM
libfsntfs < 20180420 - Out-of-bounds Read in MFT Entry Attribute Handling
CVSS 5.5
CVE-2018-11729 MEDIUM
libfsntfs < 20180420 - Out-of-bounds Read in MFT Entry Header Parsing
CVSS 5.5
CVE-2018-11728 MEDIUM
libfsntfs < 20180420 - Out-of-bounds Read in Reparse Point Values
CVSS 5.5
CVE-2018-11727 MEDIUM
libfsntfs < 20180420 - Out-of-bounds Read in libfsntfs_attribute_read_from_mft
CVSS 5.5
CVE-2018-1073 MEDIUM
ovirt-engine < 4.2.3 - User Enumeration via Web Console Login Error Messages
CVSS 5.3
CVE-2018-12557 CRITICAL
Zuul 3.0.0-3.0.9 - Exposure of Sensitive Information via Task Error Logging
CVSS 9.8
CVE-2018-1090 MEDIUM
Pulp < 2.16.2 - Unauthorized Exposure of Sensitive Information via Task Override Config
CVSS 5.5
CVE-2018-12525 MEDIUM
perfSONAR MaDDash <2.0.2 - Info Disclosure
CVSS 5.3
CVE-2018-12524 MEDIUM
perfSONAR MaDDash <2.0.2 - Info Disclosure
CVSS 5.3
CVE-2018-12523 MEDIUM
perfSONAR MaDDash <2.0.2 - Info Disclosure
CVSS 5.3
CVE-2018-12522 MEDIUM
perfSONAR MaDDash <2.0.2 - Info Disclosure
CVSS 5.3
CVE-2018-12027 HIGH
Phusion Passenger 5.3.x <5.3.2 - Info Disclosure
CVSS 8.8
CVE-2018-12337 MEDIUM
ECOS Secure Boot Stick <5.6.5 - Info Disclosure
CVSS 4.6
CVE-2018-12336 CRITICAL
ECOS Secure Boot Stick <5.6.5 - Info Disclosure
CVSS 9.8
CVE-2018-12329 MEDIUM
ECOS Secure Boot Stick <5.6.5 - Privilege Escalation
CVSS 5.9
CVE-2018-5751 MEDIUM
Open-Xchange OX App Suite <7.6.3-7.8.4 - Info Disclosure
CVSS 6.5
CVE-2018-12481 CRITICAL
Olive Tree Ftp Server <1.32 - Info Disclosure
CVSS 9.8
CVE-2018-6672 MEDIUM
McAfee ePolicy Orchestrator 5.3.0-5.3.3 and 5.9.0-5.9.1 - Authenticated Sensitive Information Exposure
CVSS 5.7
CVE-2018-12440 MEDIUM
BoringSSL < 2018-06-14 - Memory-Cache Side-Channel Attack on DSA Signatures
CVSS 4.7
Details
Vulnerabilities 10,172
Exploit Likelihood High