CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2018-8127
MEDIUM
Windows - Kernel Information Disclosure via Improper Memory Handling
CVSS 5.5
CVE-2018-8123
MEDIUM
Microsoft Edge - Information Disclosure via Improper Memory Handling
CVSS 4.3
CVE-2018-10770
CRITICAL
ShenZhen Anni 5 in 1 XVR Firmware - Unauthenticated Sensitive Information Exposure via download.rsp
CVSS 9.8
CVE-2018-6921
MEDIUM
FreeBSD 11.0-11.1 - Unauthorized Kernel Memory Exposure via Network Subsystem
CVSS 5.5
CVE-2018-6920
MEDIUM
FreeBSD 10.0-10.4 - Unauthenticated Exposure of Sensitive Information via Insufficient Memory Initialization
CVSS 5.5
CVE-2018-1000176
MEDIUM
Jenkins Email Extension Plugin <2.61 - Info Disclosure
CVSS 6.5
CVE-2018-10734
CRITICAL
KONGTOP A303 A403 D303 D305 D403 Firmware - Unauthenticated Sensitive Information Exposure via Print_Password Function
CVSS 9.8
CVE-2018-10229
MEDIUM
GPU Memory Modules - Info Disclosure
CVSS 4.8
CVE-2018-0288
MEDIUM
Cisco WebEx Meetings Online - Unauthenticated Sensitive Information Exposure via Malicious WRF File
CVSS 5.3
CVE-2018-0278
MEDIUM
Cisco Secure Firewall Management Center - Unauthenticated Sensitive Information Exposure via WebSocket
CVSS 6.5
CVE-2018-0245
MEDIUM
Cisco 5500 and 8500 Series Wireless LAN Controller Software - Unauthenticated Information Disclosure via REST API URL
CVSS 5.3
CVE-2018-1468
MEDIUM
IBM API Connect <5.0.8.2 - Info Disclosure
CVSS 4.3
CVE-2018-10583
HIGH
LibreOffice 6.0.3 - Apache OpenOffice Writer 4.1.5 - Info Disclosure
CVSS 7.5
CVE-2018-10581
MEDIUM
Octopus Deploy <2018.4.7 - Info Disclosure
CVSS 5.4
CVE-2018-10545
MEDIUM
PHP < 5.6.35, 7.0.x < 7.0.29, 7.1.x < 7.1.16, 7.2.x < 7.2.4 - Sensitive Info Exposure via FPM
CVSS 4.7
CVE-2018-10523
MEDIUM
CMS Made Simple < 2.2.7 - Physical Path Leakage via DesignManager or FileManager Endpoints
CVSS 5.3
CVE-2018-10522
MEDIUM
CMS Made Simple < 2.2.7 - Authenticated Sensitive Information Disclosure via File View Operation
CVSS 4.9
CVE-2018-10516
MEDIUM
CMS Made Simple < 2.2.7 - Authenticated Sensitive Information Disclosure via File Rename Operation
CVSS 6.5
CVE-2018-10472
MEDIUM
Xen < 4.10.1 - Unauthorized File Read via QMP CDROM Insertion
CVSS 5.6
CVE-2018-1074
HIGH
ovirt-engine < 4.2.2.5 and 4.1.11.1 - Insufficiently Protected Power Management Credentials
CVSS 7.7
CVE-2018-10424
LOW
MiniCMS 1.10 - Full Path Disclosure via Post Edit ID Field
CVSS 2.7
CVE-2018-10423
LOW
MiniCMS 1.10 - Exposure of Sensitive Information via Directory Listing
CVSS 2.7
CVE-2018-1059
MEDIUM
Canonical Ubuntu Linux < 18.02.1 - Information Disclosure
CVSS 6.1
CVE-2018-8880
HIGH
Lutron Quantum BACnet Integration <3.2.243 - Info Disclosure
CVSS 7.5
CVE-2018-10245
MEDIUM
awstats < 7.6 - Full Path Disclosure via framename and update Parameters
CVSS 5.3
Details
Vulnerabilities
10,172
Exploit Likelihood
High