CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,172 vulnerabilities with CWE-200
CVE-2018-12439 MEDIUM
MatrixSSL <3.9.5 - Memory Corruption
CVSS 4.7
CVE-2018-12438 MEDIUM
Elliptic Curve Cryptography library - Memory Corruption
CVSS 4.9
CVE-2018-12437 MEDIUM
LibTomCrypt <1.18.1 - Info Disclosure
CVSS 4.9
CVE-2018-12436 MEDIUM
wolfSSL <3.15.1.patch - Info Disclosure
CVSS 4.7
CVE-2018-12435 MEDIUM
Botan 2.5.0-2.6.0 - Memory Corruption
CVSS 5.9
CVE-2018-12434 MEDIUM
LibreSSL <2.6.5, 2.7.x <2.7.4 - Info Disclosure
CVSS 4.7
CVE-2018-12433 MEDIUM
cryptlib <3.4.4 - Memory Corruption
CVSS 4.9
CVE-2018-8246 MEDIUM
Microsoft Excel - Information Disclosure via Memory Contents Exposure
CVSS 5.5
CVE-2018-8239 MEDIUM
Windows 10 and Windows Server 2016 - Information Disclosure in GDI Component
CVSS 5.5
CVE-2018-8234 MEDIUM
Microsoft Edge - Information Disclosure via Improper Memory Handling
CVSS 4.3
CVE-2018-8209 HIGH
Windows 10 and Windows Server 2016 - Unauthorized Wireless LAN Profile Information Disclosure
CVSS 8.0
CVE-2018-8207 MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Object Handling
CVSS 4.7
CVE-2018-0871 MEDIUM
Microsoft Edge - Information Disclosure via Improper File Marking
CVSS 4.3
CVE-2018-1393 LOW
IBM Financial Transaction Manager for ACH Services 3.0.6 - Sensitive Information Exposure
CVSS 3.1
CVE-2018-12227 MEDIUM
Asterisk Open Source <15.4.1 - Info Disclosure
CVSS 5.3
CVE-2018-5182 HIGH
Firefox < 60 - Info Disclosure
CVSS 7.5
CVE-2018-5181 HIGH
Firefox < 60 - Info Disclosure
CVSS 7.5
CVE-2018-5157 HIGH
Firefox <60, Firefox ESR <52.8 - SSRF
CVSS 7.5
CVE-2018-5140 MEDIUM
Firefox < 59.0 - Information Leak via moz-icon Protocol
CVSS 5.3
CVE-2018-5137 HIGH
Firefox < 59.0 - Exposure of Sensitive Information via Legacy Extension Resource Loading
CVSS 7.5
CVE-2018-5134 HIGH
Firefox < 59.0 - Exposure of Sensitive Information via WebExtensions View-Source URL Bypass
CVSS 7.5
CVE-2018-5133 MEDIUM
Firefox < 59.0 - Stored Cross-Site Scripting via app.support.baseURL Preference
CVSS 6.5
CVE-2018-5132 MEDIUM
Firefox < 59.0 - Unauthorized Data Exposure via WebExtension Find API
CVSS 6.5
CVE-2018-5131 MEDIUM
Firefox ESR < 52.7 - Info Disclosure
CVSS 5.9
CVE-2018-5119 MEDIUM
Firefox < 58 - Exposure of Sensitive Information via Reader View
CVSS 5.3
Details
Vulnerabilities 10,172
Exploit Likelihood High