CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2018-1000187
MEDIUM
Jenkins Kubernetes Plugin <1.7.0 - Info Disclosure
CVSS 6.5
CVE-2018-1000186
MEDIUM
Jenkins GitHub Pull Request Builder Plugin <1.41.0 - Info Disclosure
CVSS 6.5
CVE-2018-1000183
MEDIUM
Jenkins GitHub Plugin <1.29.0 - Info Disclosure
CVSS 6.5
CVE-2018-1332
MEDIUM
Apache Storm < 1.0.6, 1.1.3, 1.2.1 - User Impersonation via Daemon Communication
CVSS 6.5
CVE-2018-1000181
HIGH
Kitura < 2.3.0 - Unauthenticated Information Disclosure via Crafted URL
CVSS 7.5
CVE-2018-11554
CRITICAL
YzmCMS 3.2-3.7 - Response Discrepancy Information Exposure in Forgotten-Password Feature
CVSS 9.8
CVE-2018-3809
MEDIUM
serve < 7.0.0 - Unauthenticated Exposure of Sensitive Information via Directory Listing
CVSS 5.3
CVE-2018-11195
MEDIUM
Mahara 17.04.0-17.04.7, 17.10.0-17.10.4, 18.04.0 - Sensitive Information Exposure via Browser Back/Refresh
CVSS 6.8
CVE-2018-5525
MEDIUM
F5 BIG-IP <11.6.3.1 - Info Disclosure
CVSS 4.3
CVE-2018-11645
MEDIUM
Ghostscript < 9.20 - Exposure of Sensitive Information via Status Command
CVSS 5.3
CVE-2018-1532
MEDIUM
IBM API Connect 5.0.0.0-5.0.8.2 - Exposure of Sensitive Information via Static SESSIONID
CVSS 4.3
CVE-2018-11036
CRITICAL
Ruckuswireless Vsz Firmware - Information Disclosure
CVSS 9.1
CVE-2018-11565
MEDIUM
Mahara 17.04.0-17.04.7, 17.10.0-17.10.4, 18.04.0 - Unauthorized Username Exposure
CVSS 5.3
CVE-2018-11437
MEDIUM
libmobi 0.3 - Information Disclosure via Crafted MOBI File
CVSS 6.5
CVE-2018-11435
MEDIUM
libmobi 0.3 - Information Disclosure via Crafted MOBI File
CVSS 6.5
CVE-2018-1369
LOW
IBM Security Guardium Big Data Intelligence 3.1 - Exposure of Sensitive Information via URL Parameters
CVSS 3.7
CVE-2018-10732
MEDIUM
Dataiku Data Science Studio < 4.2.3 - Unauthenticated Sensitive Information Exposure via Profile Picture Visibility
CVSS 5.3
CVE-2018-11517
MEDIUM
mySCADA myPRO 7 - Unauthenticated Exposure of Sensitive Information via ProjectID Enumeration
CVSS 5.3
CVE-2018-11508
MEDIUM
Linux Kernel < 4.16.9 - Unauthorized Memory Read via adjtimex
CVSS 5.5
CVE-2018-11505
HIGH
Werewolf Online 0.8.8 - Exposure of Firebase Token via Logcat Output
CVSS 7.5
CVE-2018-6234
MEDIUM
Trend Micro Antivirus+ < 12.0 - Out-of-Bounds Read in tmnciesc.sys IOCTL 0x222814
CVSS 5.5
CVE-2018-1467
MEDIUM
IBM Storwize V7000 Unified <1.6 - Info Disclosure
CVSS 5.3
CVE-2018-11469
MEDIUM
HAProxy 1.8.0-1.8.9 - Unauthenticated Information Disclosure via Cached Authorization Header
CVSS 5.9
CVE-2018-1135
MEDIUM
Moodle 3.1.0-3.1.11 - Unauthenticated Exposure of Sensitive Information via Forum Post Export
CVSS 6.5
CVE-2018-10652
HIGH
Citrix XenMobile Server <10.7 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities
10,172
Exploit Likelihood
High