CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,127 vulnerabilities with CWE-200
CVE-2025-24071 MEDIUM
Windows File Explorer - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 6.5
CVE-2025-27615 HIGH
umatiGateway - Unauthenticated Exposure of Sensitive Configuration Information
CVSS 8.2
CVE-2025-1322 MEDIUM
WP-Recall < 16.26.10 - Unauthenticated Information Exposure via Feed Shortcode
CVSS 4.3
CVE-2025-27604 HIGH
XWiki Confluence Migrator Pro < 1.11.7 - Unauthenticated Exposure of Sensitive Information via Public Homepage
CVSS 7.5
CVE-2025-26167 HIGH
Buffalo LS520D 4.53 - Info Disclosure
CVSS 7.5
CVE-2025-1714 MEDIUM
Perforce Gliffy <4.14.0-7 - Info Disclosure
CVE-2025-27675 CRITICAL
Vasion Print < 20.0.1923 & Virtual Appliance < 22.0.843 - OpenID Sensitive Information Exposure
CVSS 9.8
CVE-2025-1868 MEDIUM
Advanced IP Scanner & Advanced Port Scanner - Info Disclosure
CVSS 6.8
CVE-2025-25951 HIGH
Academia Student Information System EagleR 1.0.118 - Exposure of Sensitive Information via /rest/cb/executeBasicSearch
CVSS 7.5
CVE-2025-26263 MEDIUM
GeoVision ASManager <6.2.0 - Info Disclosure
CVSS 5.1
CVE-2025-25729 HIGH
Bosscomm IF740 Firmware <11001.7078,11001.0000 - Info Disclosure
CVSS 7.5
CVE-2025-27399 MEDIUM
Mastodon <4.1.23-4.3.4 - Info Disclosure
CVSS 5.3
CVE-2025-25333 HIGH
IKEA CN iOS 4.13.0 - Info Disclosure
CVSS 7.5
CVE-2025-25192 MEDIUM
GLPI < 10.0.18 - Authenticated Exposure of Sensitive Information via Debug Mode
CVSS 6.5
CVE-2025-21626 MEDIUM
GLPI 0.71-10.0.17 - Unauthenticated Exposure of Sensitive Information via status.php Endpoint
CVSS 5.8
CVE-2025-1063 MEDIUM
Classified Listing < 4.0.4 - Unauthenticated Sensitive Information Exposure via rtcl_taxonomy_settings_export
CVSS 5.3
CVE-2025-1606 MEDIUM
Best Employee Management System 1.0 - Information Disclosure in Backup File Handler
CVSS 4.3
CVE-2025-1595 MEDIUM
Anhui Xufan Information Technology EasyCVR <2.7.0 - Info Disclosure
CVSS 5.3
CVE-2025-22973 HIGH
QiboSoft QiboCMS X1.0 - Exposure of Sensitive Information via http_curl() Function
CVSS 7.5
CVE-2025-26310 MEDIUM
libming v0.4.8 - Denial of Service via ABC File Parsing Memory Leaks
CVSS 6.5
CVE-2025-26309 MEDIUM
libming v0.4.8 - Denial of Service via Crafted SWF File
CVSS 6.5
CVE-2025-25946 MEDIUM
Bento4 1.6.0-641 - Memory Leak in AP4_MarlinIpmpEncryptingProcessor and AP4_Processor
CVSS 5.5
CVE-2025-25945 MEDIUM
Bento4 1.6.0-641 - Exposure of Sensitive Information via Mp4Fragment.cpp and AP4_DescriptorFactory
CVSS 6.5
CVE-2025-25942 MEDIUM
Bento4 1.6.0-641 - Exposure of Sensitive Information via mp4fragment Tool
CVSS 6.5
CVE-2025-20158 MEDIUM
Cisco Video Phone 8875-9800 Series - Info Disclosure
CVSS 4.4
Details
Vulnerabilities 10,127
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits