CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,172 vulnerabilities with CWE-200
CVE-2018-6015 HIGH
Email Subscribers & Newsletters <3.4.8 - Info Disclosure
CVSS 7.5
CVE-2018-5750 MEDIUM
Linux kernel <4.14.15 - Info Disclosure
CVSS 5.5
CVE-2018-4835 MEDIUM
TeleControl Server Basic < 3.1 - Unauthenticated Authentication Bypass via Port 8000
CVSS 5.3
CVE-2018-5319 HIGH
RAVPower FileHub 2.000.056 - Info Disclosure
CVSS 7.5
CVE-2018-6014 MEDIUM
Subsonic 6.1.3 - Unauthenticated Exposure of Sensitive Information via Flash Cross-Domain Policy
CVSS 6.5
CVE-2018-1044 MEDIUM
Moodle 3.x < 3.1.9 and 3.1-3.1.10 - Unauthorized Exposure of Quiz Results
CVSS 4.3
CVE-2018-0111 MEDIUM
Cisco WebEx Meetings Server - Unauthenticated Exposure of Sensitive Information
CVSS 5.3
CVE-2018-0109 LOW
Cisco WebEx Meetings Server - Authenticated Exposure of Sensitive Information via Root Account Access
CVSS 2.7
CVE-2018-0106 LOW
Cisco Elastic Services Controller - Unauthenticated Sensitive Information Exposure via ConfD Directory Access
CVSS 3.3
CVE-2018-0105 MEDIUM
Cisco Unified Communications Manager - Unauthenticated Exposure of Sensitive Information via Database Table Access
CVSS 5.3
CVE-2018-5728 MEDIUM
Cobham Sea Tel 121 <build 222701 - Info Disclosure
CVSS 5.3
CVE-2018-5726 CRITICAL
MASTER IPCAMERA01 <3.3.4.2103 - Info Disclosure
CVSS 9.8
CVE-2018-5682 MEDIUM
PrestaShop 1.7.2.4 - Info Disclosure
CVSS 5.3
CVE-2018-0014 MEDIUM
Juniper ScreenOS < 6.3.0r25 - Unauthorized Memory Exposure via Unpadded Ethernet Packets
CVSS 4.3
CVE-2018-0013 MEDIUM
Juniper Junos Space - Authenticated Local File Inclusion
CVSS 6.5
CVE-2018-5266 HIGH
Cobham Sea Tel 121 <build 222701 - Info Disclosure
CVSS 7.5
CVE-2018-0800 MEDIUM
ChakraCore - Information Disclosure via Scripting Engine Memory Handling
CVSS 5.3
CVE-2018-0766 MEDIUM
Microsoft Edge - Information Disclosure via PDF Reader Memory Handling
CVSS 4.3
CVE-2018-3813 CRITICAL
FLIR Brickstream 2300 Firmware - Unauthenticated Exposure of Sensitive Information via getConfigExportFile.cgi
CVSS 9.8
CVE-2017-20210 CRITICAL
QNAP Photo Station 5.4.1 & 5.2.7 - Exposure of Sensitive Information
CVSS 9.8
CVE-2017-18307 HIGH
Qualcomm SD 450/625/820/820A/835/845/850 Firmware - Information Disclosure during Audio Playback
CVSS 8.4
CVE-2017-18306 HIGH
Qualcomm SD 450/625/820/820A/835/845/850 Firmware - Information Disclosure via Uninitialized Variable
CVSS 8.4
CVE-2017-20194 MEDIUM
Formidable Form Builder <2.05.03 - Info Disclosure
CVSS 5.3
CVE-2017-20178 LOW
Codiad < 2.8.1 - Information Disclosure via saveJSON Function
CVSS 3.1
CVE-2017-20110 MEDIUM
Teleopti WFM <7.1.0 - Info Disclosure
CVSS 4.3
Details
Vulnerabilities 10,172
Exploit Likelihood High