CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2018-7675
LOW
NetIQ Sentinel < 8.1 - Exposure of Sensitive Information via Session Timeout
CVSS 2.8
CVE-2018-7737
MEDIUM
Z-BlogPHP <1.5.1.1740 - Info Disclosure
CVSS 5.3
CVE-2018-5467
MEDIUM
Belden Hirschmann - Info Disclosure
CVSS 6.5
CVE-2018-6808
HIGH
NetScaler ADC and Gateway 10.5 11.0 11.1 12.0 - Unauthenticated Arbitrary File Read
CVSS 7.5
CVE-2018-7668
HIGH
TestLink < 1.9.16 - Unauthenticated Arbitrary File Read via Modified ID Field
CVSS 7.5
CVE-2018-7662
MEDIUM
Couch < 2.0 - Unauthenticated Full Path Disclosure via Direct Request
CVSS 5.3
CVE-2018-7661
MEDIUM
Papenmeier WiFi Baby Monitor Free & Lite < 2.02.2 - Unauthenticated Audio Data Exposure via TCP Ports 8257 and 8258
CVSS 5.3
CVE-2018-7556
CRITICAL
LimeSurvey <2.6.7, 2.7x.x<2.73.1, 3.x<3.4.2 - Sensitive Information Exposure
CVSS 9.1
CVE-2018-7250
MEDIUM
Windows Vista, 7, 8, and 8.1 - Uninitialized Kernel Pool Memory Exposure via secdrv.sys IOCTL 0xCA002813
CVSS 5.5
CVE-2018-7317
HIGH
Proclaim 9.1.1 - Unauthenticated Sensitive Information Exposure via Backup File Download
CVSS 7.5
CVE-2018-1392
LOW
IBM Financial Transaction Manager <3.1.0 - Info Disclosure
CVSS 3.1
CVE-2018-7276
HIGH
Lutron Quantum BACnet Integration 2.0 - Exposure of Sensitive Information via DbXmlInfo.xml Request
CVSS 7.5
CVE-2018-7273
MEDIUM
Linux Kernel < 4.15.4 - Kernel Address Exposure via Floppy Driver Printk
CVSS 5.5
CVE-2018-7272
MEDIUM
ForgeRock Access Management < 5.5.0 - Exposure of Sensitive Information via SSOToken ID in REST API URLs
CVSS 6.5
CVE-2018-6487
CRITICAL
Micro Focus Universal CMDB Foundation Software Remote Information Disclosure
CVSS 9.8
CVE-2018-5477
MEDIUM
ABB netCADOPS <8.1 - Info Disclosure
CVSS 5.8
CVE-2018-7251
CRITICAL
Anchor CMS < 0.12.7 - Sensitive Information Exposure via Error Log
CVSS 9.8
CVE-2018-6591
MEDIUM
Converse.js < 3.3 - Unintended Exposure of Sensitive Information
CVSS 5.3
CVE-2018-7210
HIGH
iDashboards < 9.6b - Unauthenticated Sensitive Information Exposure via config CMD Parameter
CVSS 7.5
CVE-2018-7209
HIGH
iDashboards < 9.6b - Unauthenticated Sensitive Information Exposure via config.xml Direct Request
CVSS 7.5
CVE-2018-1000068
MEDIUM
Jenkins <2.106-2.89.3 - Info Disclosure
CVSS 5.3
CVE-2018-7056
MEDIUM
RoomWizard < 4.4.0 - Unauthenticated Sensitive Information Exposure via getGroupTimeLineJSON.action
CVSS 5.3
CVE-2018-0855
MEDIUM
Microsoft Windows 7 SP1 and Windows Server 2008 R2 - Information Disclosure in EOT Font Engine
CVSS 4.3
CVE-2018-0843
MEDIUM
Windows 10 1709 and Windows Server 2016 1709 - Kernel Information Disclosure via Memory Object Handling
CVSS 4.7
CVE-2018-0839
MEDIUM
Microsoft Edge - Information Disclosure via Memory Object Handling
CVSS 4.3
Details
Vulnerabilities
10,172
Exploit Likelihood
High