CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,119 vulnerabilities with CWE-200
CVE-2025-52488
HIGH
Dnnsoftware Dotnetnuke < 10.0.1 - Information Disclosure
CVSS 8.6
CVE-2025-25037
CRITICAL
Aquatronica Controller System <= 5.1.6 - Information Disclosure
CVE-2025-52467
CRITICAL
pgai < 8eb3567 - Unauthenticated Exposure of Sensitive Information via GitHub Token
CVSS 9.1
CVE-2025-23173
HIGH
Versa Director 21.2.2, 21.2.3, 22.1.1-22.1.4 - Exposure of Sensitive Information via Websockify Service
CVSS 7.5
CVE-2025-49593
MEDIUM
Portainer <2.31.0-2.27.7 - Info Disclosure
CVSS 6.8
CVE-2025-49824
LOW
conda-smithy <3.47.1 - Info Disclosure
CVE-2025-6199
LOW
GdkPixbuf - Exposure of Sensitive Information via GIF LZW Decoder Logic Error
CVSS 3.3
CVE-2025-49177
MEDIUM
xwayland < 24.1.7 - Exposure of Sensitive Information via XFIXES Extension Request Length Validation
CVSS 6.1
CVE-2025-49200
MEDIUM
SICK Field Analytics - Unprotected Sensitive Information Exposure via Unencrypted Backup Files
CVSS 6.5
CVE-2025-49184
HIGH
SICK Baggage Analytics - Unauthenticated Exposure of Sensitive Information via Missing Authorization
CVSS 7.5
CVE-2025-49150
MEDIUM
Cursor < 0.51.0 - Unauthenticated Exposure of Sensitive Information via JSON Schema Download
CVSS 5.9
CVE-2025-4798
MEDIUM
WP-DownloadManager <= 1.68.10 - Authenticated Arbitrary File Read via Download Directory Misconfiguration
CVSS 4.9
CVE-2025-30675
MEDIUM
Apache CloudStack 4.0.0-4.19.2.0 - Unauthorized Information Disclosure via listTemplates and listIsos APIs
CVSS 4.7
CVE-2025-26521
HIGH
Apache CloudStack 4.17.0.0-4.19.2.0 - Exposure of Sensitive Information via CKS Kubernetes Cluster Secret Config
CVSS 8.1
CVE-2025-43579
MEDIUM
Adobe Acrobat and Reader - Information Exposure and Security Feature Bypass
CVSS 5.5
CVE-2025-47969
MEDIUM
Windows 11 22H2/23H2/24H2 and Windows Server 2025 - Unauthorized Sensitive Information Exposure in Windows Hello
CVSS 4.4
CVE-2025-25250
MEDIUM
FortiOS <7.6.0, <7.4.7, all 7.2, all 7.0, all 6.4 - Info Disclosure
CVSS 4.3
CVE-2025-49143
MEDIUM
Nautobot < 1.6.32 - Unauthenticated Exposure of Sensitive Information via MEDIA_ROOT URL Endpoint
CVSS 5.9
CVE-2025-40662
HIGH
DM Corporative CMS < 2025.01 - Absolute Path Disclosure via Non-Existent File Access
CVSS 7.5
CVE-2025-49653
HIGH
BackendAI - Exposure of Sensitive Information in Active Sessions
CVSS 8.0
CVE-2025-25209
MEDIUM
Red Hat Connectivity Link - Info Disclosure
CVSS 5.7
CVE-2025-47966
CRITICAL
Power Automate for Desktop - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 9.8
CVE-2025-5690
MEDIUM
PostgreSQL Anonymizer <2.2.1 - Auth Bypass
CVSS 6.5
CVE-2025-20129
MEDIUM
Cisco Customer Collaboration Platform - Info Disclosure
CVSS 4.3
CVE-2025-5436
MEDIUM
Multilaser Sirius RE016 MLT1.0 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities
10,119
Exploit Likelihood
High