CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2018-0830
MEDIUM
Windows Kernel - Information Disclosure via Memory Object Handling
CVSS 4.7
CVE-2018-0829
MEDIUM
Windows Kernel - Information Disclosure via Memory Object Handling
CVSS 4.7
CVE-2018-0763
LOW
Microsoft Edge - Information Disclosure via Memory Object Handling
CVSS 3.1
CVE-2018-0761
MEDIUM
Microsoft Windows 7 and Windows Server 2008 - Information Disclosure in EOT Font Engine
CVSS 5.5
CVE-2018-0760
MEDIUM
Microsoft Windows 7, Windows Server 2008, and Windows Server 2012 - Information Disclosure in EOT Font Engine
CVSS 5.5
CVE-2018-0755
MEDIUM
Windows 7 SP1 and Windows Server 2008 R2 - Information Disclosure in EOT Font Engine
CVSS 5.5
CVE-2018-6293
HIGH
Saperion Web Client 7.5.2 83166 - Unauthenticated Arbitrary File Read
CVSS 7.5
CVE-2018-6881
MEDIUM
Dedecms - Information Disclosure
CVSS 5.3
CVE-2018-1052
MEDIUM
PostgreSQL 10.x < 10.2 - Authenticated Memory Disclosure via Partitioned Table Insert
CVSS 6.5
CVE-2018-6846
MEDIUM
Z-BlogPHP 1.5.1 - Path Disclosure via Direct Request to Upload Library
CVSS 5.3
CVE-2018-0140
MEDIUM
Cisco Email Security Appliance - Unauthorized Spam Quarantine Access via Browser Manipulation
CVSS 6.5
CVE-2018-0134
MEDIUM
Cisco Mobility Services Engine - Unauthenticated Sensitive Information Exposure via RADIUS Authentication Response
CVSS 5.3
CVE-2018-0127
CRITICAL
Cisco RV132W and RV134W - Unauthenticated Information Disclosure via Web Interface
CVSS 9.8
CVE-2018-1388
HIGH
IBM WebSphere MQ - Exposure of Sensitive Information via PKCS#1 Padding Side Channel
CVSS 7.5
CVE-2018-6806
MEDIUM
marked_2 < 2.5.11 - Exposure of Sensitive Information via x-marked://preview URL
CVSS 6.5
CVE-2018-6790
MEDIUM
KDE Plasma Workspace < 5.12.0 - Exposure of Client IP Address via Notification URL
CVSS 5.3
CVE-2018-6610
HIGH
jlike 1.0 - Exposure of Sensitive Information via task Parameter
CVSS 7.5
CVE-2018-6188
HIGH
Django <2.0.2, 1.11.8-1.11.9 - Info Disclosure
CVSS 7.5
CVE-2018-6596
CRITICAL
django-anymail < 1.2.1 - Timing Attack on WEBHOOK_AUTHORIZATION Secret
CVSS 9.1
CVE-2018-6526
MEDIUM
MantisBT < 2.10.0 - Path Disclosure via Invalid Filter Parameter
CVSS 5.3
CVE-2018-1192
HIGH
Cloud Foundry Foundation cf-release <v285 - Info Disclosure
CVSS 8.8
CVE-2018-6470
MEDIUM
nibbleblog 4.0.5 - Unauthorized Sensitive Information Exposure via .DS_Store Files
CVSS 5.3
CVE-2018-6460
HIGH
Hotspot Shield - Unauthenticated Sensitive Information Exposure via JSONP Callback Parameter
CVSS 7.5
CVE-2018-6412
HIGH
Linux Kernel < 4.15 - Information Disclosure via sbusfb_ioctl_helper Integer Signedness Error
CVSS 7.5
CVE-2018-6008
HIGH
Jtag Members Directory 5.3.7 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities
10,172
Exploit Likelihood
High