CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,119 vulnerabilities with CWE-200
CVE-2025-20611 MEDIUM
Intel(R) Tiber Edge Platform - Info Disclosure
CVSS 4.7
CVE-2025-20030 LOW
Intel(R) Tiber Edge Platform - Info Disclosure
CVSS 2.6
CVE-2025-20013 MEDIUM
Intel(R) Tiber Edge Platform - Info Disclosure
CVSS 5.5
CVE-2025-32703 MEDIUM
Visual Studio 2017, 2019, 2022 - Information Disclosure via Insufficient Access Control
CVSS 5.5
CVE-2025-31256 MEDIUM
macOS < 15.5 - Unprotected User Data Exposure via Hot Corner Cache Handling
CVSS 5.5
CVE-2025-31250 MEDIUM
macOS < 15.5 - Unprotected User Data Exposure
CVSS 5.5
CVE-2025-31242 MEDIUM
iPadOS < 17.7.7 - Unauthorized Sensitive Data Exposure via Log Entries
CVSS 5.5
CVE-2025-31236 MEDIUM
macOS < 15.5 - Unprotected User Data Exposure
CVSS 5.5
CVE-2025-31225 HIGH
iPadOS < 18.5 - Exposure of Sensitive Call History in Spotlight Search
CVSS 7.1
CVE-2025-31220 MEDIUM
iPadOS < 17.7.7 and macOS < 13.7.6, < 14.7.6, < 15.5 - Unauthorized Sensitive Location Data Exposure
CVSS 5.5
CVE-2025-31218 MEDIUM
macOS < 15.5 - Unauthorized Hostname Exposure via Network Connection Monitoring
CVSS 6.2
CVE-2025-31207 HIGH
iPadOS < 18.5 - Unauthorized App Enumeration
CVSS 7.7
CVE-2025-24220 MEDIUM
iPadOS < 18.4 - Unauthorized Sensitive Information Exposure via Persistent Device Identifier
CVSS 5.5
CVE-2025-24155 MEDIUM
macOS < 13.7.6, < 14.7.6, < 15.3 - Kernel Memory Disclosure
CVSS 5.5
CVE-2025-24144 MEDIUM
Apple iPadOS < 17.7.7 - Information Disclosure via Kernel State Leak
CVSS 5.5
CVE-2025-24142 MEDIUM
macOS < 13.7.6, < 14.7.6, < 15.5 - Unprotected User Data Exposure via Log Entry Redaction
CVSS 5.5
CVE-2025-4536 MEDIUM
Gosuncn Audio-Visual Platform 1.0 Information Disclosure via /sysmgr/user/listByPage
CVSS 5.3
CVE-2025-4535 MEDIUM
Gosuncn Audio-Visual Platform 4.0 - Configuration File Information Disclosure
CVSS 5.3
CVE-2025-4526 MEDIUM
Dgitro NGC Explorer 3.44.15 - Missing Password Field Masking in Configuration Page
CVSS 4.3
CVE-2025-20221 MEDIUM
Cisco IOS XE SD-WAN - Unauthenticated Traffic Filter Bypass via Crafted Packet
CVSS 5.3
CVE-2025-3851 MEDIUM
WP SmartPay <2.7.13 - Insecure Direct Object Reference
CVSS 4.3
CVE-2025-47418 MEDIUM
Crestron Automate VX <6.4.0.49 - Info Disclosure
CVE-2025-47417 MEDIUM
Crestron Automate VX <6.4.0.49 - Info Disclosure
CVE-2025-46820 HIGH
phpgt/Dom < 4.1.8 - Exposure of Sensitive Information via GitHub Token in Workflow Artifact
CVSS 7.1
CVE-2025-46813 MEDIUM
Discourse 3.5.0.beta4 - Unauthenticated Exposure of Sensitive Information via Homepage Content Leak
CVSS 5.8
Details
Vulnerabilities 10,119
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits