CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2018-1000147
MEDIUM
Jenkins Perforce Plugin <1.3.36 - Info Disclosure
CVSS 6.5
CVE-2018-1000145
MEDIUM
Jenkins Perforce Plugin <1.3.36 - Info Disclosure
CVSS 6.5
CVE-2018-1000143
MEDIUM
Jenkins GitHub Pull Request Builder Plugin <1.39.0 - Info Disclosure
CVSS 6.7
CVE-2018-1000142
HIGH
Jenkins GitHub Pull Request Builder Plugin <1.39.0 - Info Disclosure
CVSS 7.8
CVE-2018-1097
HIGH
Foreman < 1.16.1 - Exposure of Compute Resource Credentials via oVirt/RHV Power Management
CVSS 8.8
CVE-2018-9126
CRITICAL
DNNArticle 11 for DNN - Unauthenticated Sensitive Information Exposure via GetCSS.ashx URI
CVSS 9.8
CVE-2018-9275
HIGH
Yubico PAM 2.18-2.25 - Information Disclosure and Denial of Service via File Descriptor Leak
CVSS 8.2
CVE-2018-6919
HIGH
FreeBSD 10.0-10.3 - Unauthorized Kernel Memory Exposure via Insufficient Memory Initialization
CVSS 7.5
CVE-2018-3598
HIGH
Qualcomm Android <2018-04-05 - Info Disclosure
CVSS 7.5
CVE-2018-4168
MEDIUM
iPhone OS < 11.3 - Unauthorized Sensitive Information Exposure via Files Widget
CVSS 4.6
CVE-2018-4138
MEDIUM
macOS < 10.13.4 - Unauthorized Memory Read via NVIDIA Graphics Drivers
CVSS 5.5
CVE-2018-4137
HIGH
Safari < 11.1 - Unauthenticated Exposure of Sensitive Information via Login AutoFill
CVSS 7.5
CVE-2018-4123
LOW
iPhone OS < 11.3 - Unauthorized iTunes Email Address Exposure via Clock Alarm Handling
CVSS 2.4
CVE-2018-4117
MEDIUM
Safari < 11.1 - Same Origin Policy Bypass via Fetch API
CVSS 6.5
CVE-2018-4104
MEDIUM
iPhone OS < 11.3, macOS < 10.13.4, tvOS < 11.3, watchOS < 4.3 - Kernel Memory Read Restriction Bypass
CVSS 5.5
CVE-2018-4093
MEDIUM
Apple tvOS < 11.2.5 - Kernel Memory Read Restriction Bypass
CVSS 5.5
CVE-2018-4090
MEDIUM
Apple tvOS < 11.2.5 - Kernel Memory Read Restriction Bypass
CVSS 5.5
CVE-2018-4084
MEDIUM
macOS < 10.13.3 - Unauthorized Memory Read via Wi-Fi Component
CVSS 5.5
CVE-2018-6849
MEDIUM
DuckDuckGo 4.2.0 - Private IP Address Exposure via WebRTC STUN Request
CVSS 4.3
CVE-2018-1234
MEDIUM
RSA Authentication Agent for Web < 8.0.1 - Unauthorized Configuration Exposure via Named Pipe ACL
CVSS 5.5
CVE-2018-3817
MEDIUM
Logstash < 5.6.6 and 6.x < 6.1.2 - Sensitive Information Disclosure in Deprecated Settings Log
CVSS 6.5
CVE-2018-1191
HIGH
Cloud Foundry Garden-runC <1.11.0 - Info Disclosure
CVSS 8.8
CVE-2018-6608
MEDIUM
Opera Browser 51.0.2830.55 - Exposure of Sensitive Information via WebRTC STUN Request
CVSS 4.3
CVE-2018-7676
LOW
NetIQ Identity Manager < 4.7 - Sensitive Information Exposure via Userapp Log/Trace
CVSS 3.9
CVE-2018-9056
MEDIUM
Intel Atom C/E/X3 - Unauthorized Information Disclosure via BranchScope Side-Channel Attack
CVSS 5.6
Details
Vulnerabilities
10,172
Exploit Likelihood
High