CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,108 vulnerabilities with CWE-200
CVE-2025-66027
MEDIUM
rallly < 4.5.6 - Unauthenticated Information Disclosure via API Endpoint
CVSS 6.5
CVE-2025-13683
MEDIUM
Devolutions Server and Remote Desktop Manager - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 6.5
CVE-2025-64312
MEDIUM
HarmonyOS - Unauthorized Sensitive Information Exposure in File Management Module
CVSS 4.9
CVE-2025-58305
MEDIUM
HarmonyOS - Identity Authentication Bypass in Gallery App
CVSS 6.2
CVE-2025-64311
MEDIUM
HarmonyOS - Unauthorized Information Exposure in Notepad Module
CVSS 5.1
CVE-2025-12559
MEDIUM
Mattermost <11.0.2-10.5.12 - Info Disclosure
CVSS 4.3
CVE-2025-13765
MEDIUM
Devolutions Server < 2025.2.21.0 - Unauthorized Exposure of Email Service Credentials
CVSS 4.3
CVE-2025-13758
LOW
Devolutions Server <= 2025.2.20 and <= 2025.3.8 - Exposure of Credentials in Unintended Requests
CVSS 3.5
CVE-2025-59454
MEDIUM
Apache CloudStack 4.0.0-4.20.1.9 - Authenticated Exposure of Sensitive Information via API Permission Bypass
CVSS 4.3
CVE-2025-12584
MEDIUM
Quick View for WooCommerce <2.2.17 - Info Disclosure
CVSS 5.3
CVE-2025-65278
HIGH
GroceryMart - Unauthenticated Exposure of Sensitive Information in users.json
CVSS 7.5
CVE-2025-65957
HIGH
Core Bot <dffe050 - Info Disclosure
CVE-2025-63729
CRITICAL
Syrotech SY-GPON-1110-WDONT SYRO_3.7L_3.1.02-240517 - Info Disclosure
CVSS 9.0
CVE-2025-60739
CRITICAL
Ilevia EVE X1 Server <4.7.18.0.eden-2025_07_21 - CSRF
CVSS 9.6
CVE-2025-12525
MEDIUM
Locker Content <1.0.0 - Info Disclosure
CVSS 5.3
CVE-2025-65951
HIGH
Inside Track / Entropy Derby <2d38d2f - Info Disclosure
CVSS 8.7
CVE-2025-63958
CRITICAL
MILLENSYS Vision Tools Workspace 6.5.0.2585 - Info Disclosure
CVSS 9.8
CVE-2025-13596
LOW
ATISoluciones CIGES <2.15.6 - Info Disclosure
CVE-2025-13526
HIGH
OneClick Chat to Order <1.0.8 - Info Disclosure
CVSS 7.5
CVE-2025-12039
MEDIUM
BigBuy Dropshipping Connector <2.0.5 - SSRF
CVSS 5.3
CVE-2025-11368
MEDIUM
LearnPress - WordPress LMS Plugin <4.2.9.4 - Info Disclosure
CVSS 5.3
CVE-2025-52669
MEDIUM
Revive Adserver < 5.5.2 - Unauthorized Exposure of User Contact Information
CVSS 4.3
CVE-2025-63212
MEDIUM
GatesAir Flexiva-LX <2.0 - Info Disclosure
CVSS 6.5
CVE-2025-63209
HIGH
ELCA Star Transmitter Remote Control firmware 1.25 - Info Disclosure
CVSS 7.5
CVE-2025-63205
HIGH
Bridgetech probes <5.6.0-3 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities
10,108
Exploit Likelihood
High