CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2018-5118
MEDIUM
Firefox < 58 - Sensitive Local File Exposure via Activity Stream Screenshot Feature
CVSS 5.3
CVE-2018-5115
HIGH
Firefox < 58 - Exposure of Sensitive Information via HTTP Authentication Prompt
CVSS 7.5
CVE-2018-5114
MEDIUM
Firefox < 58 - HttpOnly Cookie Information Exposure via Script Access
CVSS 5.3
CVE-2018-5108
MEDIUM
Firefox < 58 - Exposure of Sensitive Information via Blob URL Origin Attribute Violation
CVSS 4.3
CVE-2018-5106
MEDIUM
Firefox < 58 - Cross-Origin Information Leak via Developer Tools Style Editor
CVSS 5.3
CVE-2018-12089
HIGH
Octopus Deploy <2018.5.7 - Info Disclosure
CVSS 7.5
CVE-2018-1281
MEDIUM
Apache MXNet < 1.0.0 - Unintended Network Exposure via DMLC_PS_ROOT_URI Bypass
CVSS 6.5
CVE-2018-4252
MEDIUM
iPhone OS < 11.4 - Lock-Screen Bypass via Siri
CVSS 4.6
CVE-2018-4244
MEDIUM
iPhone OS < 11.4 - Unauthorized Exposure of Private Contact Information via Siri
CVSS 4.6
CVE-2018-4239
MEDIUM
iPhone OS < 11.4 - Unauthorized Exposure of Sensitive Information via Magnifier Lock-Screen Bypass
CVSS 4.6
CVE-2018-4226
MEDIUM
iPhone OS < 11.4, macOS < 10.13.5, watchOS < 4.3.1, iCloud < 7.5, iTunes < 12.7.5 - Sensitive Information Exposure
CVSS 5.5
CVE-2018-4224
MEDIUM
Apple tvOS < 11.4 - Local Device Identifier Exposure via Security Component
CVSS 5.5
CVE-2018-4223
MEDIUM
Apple tvOS < 11.4 - Unauthorized Persistent Account Identifier Exposure
CVSS 5.5
CVE-2018-4221
HIGH
iPhone OS < 11.4 and macOS < 10.13.5 - User Tracking via S/MIME Client Certificate Transmission
CVSS 7.5
CVE-2018-4196
HIGH
macOS < 10.13.5 - Privilege Escalation and Information Disclosure via Accessibility Framework
CVSS 7.8
CVE-2018-4171
MEDIUM
macOS < 10.13.5 - Unauthorized Kernel Memory Exposure via Bluetooth Device Properties
CVSS 5.5
CVE-2018-4159
MEDIUM
macOS < 10.13.5 - Unauthorized Memory Read via Graphics Drivers
CVSS 5.5
CVE-2018-4141
MEDIUM
macOS < 10.13.5 - Unauthorized Memory Read via Intel Graphics Driver
CVSS 5.5
CVE-2018-11409
MEDIUM
Splunk < 7.0.1 - Unauthenticated Information Disclosure via Server Info Endpoint
CVSS 5.3
CVE-2018-0335
HIGH
Cisco Prime Collaboration Provisioning - Unauthenticated Sensitive Data Exposure via World-Readable Log File
CVSS 7.8
CVE-2018-10198
MEDIUM
OTRS 6.0.0-6.0.6 - Authenticated Exposure of Sensitive Information via Ticket Overview Screen
CVSS 4.3
CVE-2018-1000196
MEDIUM
Jenkins Gitlab Hook Plugin <1.4.2 - Info Disclosure
CVSS 6.5
CVE-2018-10599
MEDIUM
IntelliVue MP Series - Info Disclosure
CVSS 5.3
CVE-2018-1000191
MEDIUM
Jenkins Black Duck Detect Plugin <1.4.0 - Info Disclosure
CVSS 6.5
CVE-2018-1000190
MEDIUM
Jenkins Black Duck Hub Plugin <4.0.0 - Info Disclosure
CVSS 6.5
Details
Vulnerabilities
10,172
Exploit Likelihood
High