CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,127 vulnerabilities with CWE-200
CVE-2025-24282 MEDIUM
macOS < 15.4 - Unauthorized File System Modification via Library Injection
CVSS 5.5
CVE-2025-24281 MEDIUM
macOS < 15.4 - Unprotected User Data Exposure
CVSS 5.5
CVE-2025-24280 MEDIUM
macOS 14.0-14.7.4 and <15.4 - Unprotected User Data Exposure via Sandbox Restriction Bypass
CVSS 5.5
CVE-2025-24279 MEDIUM
macOS < 13.7.5, < 14.7.5, < 15.4 - Unauthorized Contact Data Access via File Handling Issue
CVSS 4.3
CVE-2025-24276 MEDIUM
macOS < 13.7.5, < 14.7.5, < 15.4 - Unauthorized Access to Private Information
CVSS 5.5
CVE-2025-24263 CRITICAL
macOS < 15.4 - Unprotected User Data Exposure
CVSS 9.8
CVE-2025-24262 MEDIUM
macOS < 15.4 - Unprotected User Data Exposure via System Logs
CVSS 5.5
CVE-2025-24261 MEDIUM
macOS < 13.7.5, < 14.7.5, < 15.4 - Unauthorized File System Modification
CVSS 5.5
CVE-2025-24253 CRITICAL
macOS < 13.7.5, 14.7.5, 15.4 - Unprotected User Data Exposure via Symlink Handling
CVSS 9.8
CVE-2025-24250 CRITICAL
macOS < 13.7.5, < 14.7.5, < 15.4 - Unprotected User Data Exposure via Malicious HTTPS Proxy
CVSS 9.8
CVE-2025-24246 CRITICAL
macOS 13.0-13.7.4, <14.7.5, <15.4 - Unauthorized User Data Access via Injection Issue
CVSS 9.8
CVE-2025-24244 MEDIUM
iPadOS < 17.7.6 - Exposure of Sensitive Information via Maliciously Crafted Font
CVSS 5.5
CVE-2025-24239 MEDIUM
macOS < 15.4 - Unprotected User Data Exposure via Downgrade Attack
CVSS 6.5
CVE-2025-24232 CRITICAL
macOS < 13.7.5, 14.7.5, 15.4 - Unauthorized File Access via Malicious App
CVSS 9.8
CVE-2025-24226 MEDIUM
Xcode < 16.3 - Unauthorized Access to Private Information
CVSS 5.5
CVE-2025-24217 MEDIUM
iPadOS < 18.4 - Unauthorized Sensitive Information Exposure
CVSS 5.5
CVE-2025-24204 CRITICAL
macOS < 15.4 - Unprotected User Data Exposure
CVSS 9.8
CVE-2025-24164 MEDIUM
macOS < 13.7.5, < 14.7.5, < 15.4 - Unauthorized File System Modification
CVSS 5.5
CVE-2025-31124 MEDIUM
zitadel < 2.63.9 - Username Enumeration via Normalization Bypass
CVSS 5.3
CVE-2025-31125 MEDIUM KEV
Vite Development Server - Path Traversal
CVSS 5.3
CVE-2025-2840 MEDIUM
DAP to Autoresponders Email Syncing <1.0 - Info Disclosure
CVSS 5.3
CVE-2025-2860 MEDIUM
SaTECH BCU Firmware 2.1.3 - Authenticated Sensitive Information Exposure via XML File Access
CVSS 5.3
CVE-2025-2578 MEDIUM
Amelia plugin <1.2.19 - Info Disclosure
CVSS 5.3
CVE-2025-29497 MEDIUM
libming v0.4.8 - Memory Leak in parseSWF_MORPHFILLSTYLES
CVSS 6.5
CVE-2025-29489 MEDIUM
libming 0.4.8 - Memory Leak in parseSWF_MORPHLINESTYLES
CVSS 6.5
Details
Vulnerabilities 10,127
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits