CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,108 vulnerabilities with CWE-200
CVE-2025-68273 MEDIUM
Signal K Server < 2.19.0 - Unauthenticated Exposure of Sensitive System Information
CVSS 5.3
CVE-2025-61594 HIGH
URI < 0.12.5, 0.13.0-0.13.2, 1.0.0-1.0.3 - Exposure of Sensitive Information via URI Combination Operator
CVSS 7.5
CVE-2025-15103 HIGH
DVP-12SE11T Firmware < 2.16 - Authentication Bypass via Partial Password Disclosure
CVSS 8.1
CVE-2025-14280 MEDIUM
PixelYourSite <11.1.5 - Info Disclosure
CVSS 5.3
CVE-2025-15070 MEDIUM
Gmission Web Fax 3.0 - Exposure of Sensitive Information via Missing Authorization
CVSS 5.5
CVE-2025-15065 MEDIUM
Kings Information & Network Co. KESS Enterprise <*.25.9.19.exe - Pr...
CVSS 6.3
CVE-2025-15141 LOW
Halo < 2.21.10 - Information Disclosure in Configuration Handler
CVSS 3.1
CVE-2025-15121 LOW
JeecgBoot < 3.9.0 - Information Disclosure via getDeptRoleByUserId departId Parameter
CVSS 2.4
CVE-2025-15082 MEDIUM
TOZED ZLT M30s <= 1.47 - Information Disclosure via goformId Parameter
CVSS 5.3
CVE-2025-12491 HIGH
Senstar Symphony - Unauthenticated Exposure of Sensitive Information via FetchStoredLicense Method
CVSS 7.5
CVE-2025-63662 HIGH
GT Edge AI Platform <v2.0.10-dev - Info Disclosure
CVSS 7.5
CVE-2025-15033 MEDIUM
WooCommerce 8.1-10.4.2 - Info Disclosure
CVSS 6.5
CVE-2025-8305 MEDIUM
Identity Agent for Terminal Services - Info Disclosure
CVSS 6.5
CVE-2025-8304 MEDIUM
Check Point Identity Agent - Info Disclosure
CVSS 6.5
CVE-2025-12492 MEDIUM
Ultimate Member <2.11.0 - Info Disclosure
CVSS 5.3
CVE-2025-14591 HIGH
Delphix Continuous Compliance >=2025.3.0 - Info Disclosure
CVSS 7.5
CVE-2025-68279 HIGH
Weblate < 5.15.1 - Path Traversal via Crafted Symbolic Links
CVSS 7.7
CVE-2025-68429 HIGH
Storybook 7.0.0-7.6.20, 8.0.0-8.6.14, 9.0.0-9.1.16, 10.0.0-10.1.9 - .env File Exposure
CVSS 7.3
CVE-2025-68110 CRITICAL
ChurchCRM < 6.5.3 - Sensitive Database Information Disclosure in Error Message
CVSS 9.9
CVE-2025-46283 MEDIUM
macOS Tahoe <26.2 - Info Disclosure
CVSS 5.5
CVE-2025-46279 LOW
iPadOS < 18.7.3 - Unauthorized App Installation Information Exposure
CVSS 3.3
CVE-2025-46278 MEDIUM
macOS Tahoe <26.2 - Info Disclosure
CVSS 5.5
CVE-2025-43514 MEDIUM
macOS Tahoe <26.2 - Info Disclosure
CVSS 5.5
CVE-2025-14553 HIGH
TP-Link Tapo App < 3.1.6 - Unauthenticated Password Hash Exposure via API Response
CVE-2025-46294 MEDIUM
FileMaker Server <22.0.4 - Info Disclosure
CVSS 5.3