CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,172 vulnerabilities with CWE-200
CVE-2018-11327 MEDIUM
Joomla! < 3.8.8 - Unauthorized Exposure of Sensitive Tag Information
CVSS 4.3
CVE-2018-7268 MEDIUM
MagniComp SysInfo < 10-h81 - Unauthenticated Exposure of Sensitive Information via Local File Read
CVSS 5.5
CVE-2018-4925 HIGH
Adobe Digital Editions < 4.5.7 - Out-of-bounds Read
CVSS 7.5
CVE-2018-5256 HIGH
CoreOS Tectonic <1.7.9-tectonic.4-<1.8.4-tectonic.3 - Info Disclosure
CVSS 7.5
CVE-2018-1465 MEDIUM
IBM SAN Volume Controller - Privilege Escalation
CVSS 5.3
CVE-2018-1464 MEDIUM
IBM SAN Volume Controller - Info Disclosure
CVSS 6.5
CVE-2018-1438 HIGH
IBM SAN Volume Controller - Info Disclosure
CVSS 7.5
CVE-2018-1433 HIGH
IBM SAN Volume Controller - Info Disclosure
CVSS 7.5
CVE-2018-1276 MEDIUM
Windows 2012R2 Stemcells < 1200.17 - Unauthenticated Exposure of Sensitive Information via IaaS Metadata
CVSS 6.5
CVE-2018-8714 MEDIUM
Honeywell MatrikonOPC <5.1.0.0 - Info Disclosure
CVSS 6.1
CVE-2018-10729 MEDIUM
Phoenix Contact FL SWITCH 3xxx/4xxx/48xx < 1.33 - Sensitive Information Exposure
CVSS 5.3
CVE-2018-9948 MEDIUM
Foxit PDF Reader Pointer Overwrite UAF
CVSS 6.5
CVE-2018-9946 MEDIUM
Foxit Reader and PhantomPDF < 9.0.1.1049 - Exposure of Sensitive Information via setTimeOut Method
CVSS 6.5
CVE-2018-1175 MEDIUM
Foxit Reader 9.0.0.29935 - Info Disclosure
CVSS 6.5
CVE-2018-1174 MEDIUM
Foxit Reader 9.0.0.29935 - Info Disclosure
CVSS 6.5
CVE-2018-11037 MEDIUM
Exiv2 0.26 - Information Disclosure via Crafted PNG File
CVSS 6.5
CVE-2018-1118 LOW
Linux kernel <4.8 - Info Disclosure
CVSS 2.3
CVE-2018-6254 LOW
Android < 8.1 - Out-of-bounds Read in NVIDIA Media Server
CVSS 3.3
CVE-2018-6246 MEDIUM
Android < 8.1 - Information Disclosure via Widevine Trustlet Buffer Overread
CVSS 5.3
CVE-2018-10950 MEDIUM
Zimbra Collaboration Suite 8.6-8.8 - Information Exposure via Verbose Error Messages
CVSS 5.3
CVE-2018-8860 MEDIUM
Vecna VGo Robot <3.0.3.52164 - Info Disclosure
CVSS 6.5
CVE-2018-8163 MEDIUM
Microsoft Excel - Information Disclosure via Memory Contents Exposure
CVSS 5.5
CVE-2018-8160 MEDIUM
Microsoft Office - Information Disclosure via Outlook Message Handling
CVSS 6.5
CVE-2018-8145 HIGH
ChakraCore < 1.8.3 - Memory Contents Exposure via Scripting Engine
CVSS 7.5
CVE-2018-8141 MEDIUM
Windows 10 and Windows Server 2016 - Kernel Information Disclosure via Improper Memory Handling
CVSS 4.7
Details
Vulnerabilities 10,172
Exploit Likelihood High