CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2018-9014
HIGH
dsmall v20180320 - Physical Path Leakage via pdr_sn Parameter
CVSS 7.5
CVE-2018-3626
MEDIUM
Intel SGX SDK < 1.9.6 - Unauthorized Information Exposure via Edger8r Tool
CVSS 4.7
CVE-2018-1322
MEDIUM
Apache Syncope 1.2.0-1.2.10 - Information Disclosure via FIQL and ORDER BY Parameters
CVSS 4.9
CVE-2018-1000135
HIGH
GNOME NetworkManager <1.10.2 - Info Disclosure
CVSS 7.5
CVE-2018-8770
MEDIUM
Western Bridge Cobub Razor 0.8.0 - Info Disclosure
CVSS 5.3
CVE-2018-1200
MEDIUM
Pivotal Application Service 1.11.x < 1.11.26 - Unauthenticated Remote File Read via Apps Manager
CVSS 6.5
CVE-2018-7704
MEDIUM
SecurEnvoy SecurMail <9.2.501 - Info Disclosure
CVSS 6.5
CVE-2018-2402
HIGH
SAP HANA 1.00 and 2.00 - Unauthorized Exposure of User Credentials in Indexserver Trace Files
CVSS 7.6
CVE-2018-7496
MEDIUM
OSIsoft PI Vision < 2017 - Information Exposure via Server Response Headers
CVSS 5.3
CVE-2018-0932
MEDIUM
Microsoft Edge and Internet Explorer - Information Disclosure via Memory Object Handling
CVSS 4.3
CVE-2018-0929
MEDIUM
Internet Explorer - Information Disclosure via Memory Object Handling
CVSS 4.3
CVE-2018-0927
MEDIUM
Internet Explorer and Edge - Information Disclosure via Memory Object Handling
CVSS 4.3
CVE-2018-0904
MEDIUM
Windows Kernel - Information Disclosure via Memory Address Handling
CVSS 4.7
CVE-2018-0900
MEDIUM
Windows Kernel - Information Disclosure via Memory Address Handling
CVSS 4.7
CVE-2018-0899
MEDIUM
Windows Kernel - Information Disclosure via Memory Address Handling
CVSS 4.7
CVE-2018-0898
MEDIUM
Windows Kernel - Information Disclosure via Memory Address Handling
CVSS 4.7
CVE-2018-0896
MEDIUM
Windows Kernel - Information Disclosure via Memory Address Handling
CVSS 4.7
CVE-2018-0879
HIGH
Microsoft Edge - Information Disclosure via Memory Object Handling
CVSS 7.5
CVE-2018-1000126
HIGH
Ajenti 2 - Information Disclosure in Config File
CVSS 7.5
CVE-2018-1323
HIGH
Apache Tomcat JK Connector 1.2.0-1.2.42 - Path Traversal via IIS/ISAPI Request Path Normalization
CVSS 7.5
CVE-2018-8056
HIGH
Western Bridge Cobub Razor <0.8.0 - Info Disclosure
CVSS 7.5
CVE-2018-1387
MEDIUM
IBM Monitoring <8.1.4 - Info Disclosure
CVSS 5.3
CVE-2018-7755
MEDIUM
Linux kernel <4.15.7 - Info Disclosure
CVSS 5.5
CVE-2018-0218
LOW
Cisco Secure Access Control Server - XML External Entity Injection via Imported XML File
CVSS 3.3
CVE-2018-0207
LOW
Cisco Secure Access Control Server - XML External Entity Injection via Crafted XML File Import
CVSS 3.3
Details
Vulnerabilities
10,172
Exploit Likelihood
High