CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,129 vulnerabilities with CWE-200
CVE-2025-0224 MEDIUM
Provision-ISR - Info Disclosure
CVSS 5.3
CVE-2024-23104 MEDIUM
FortiVoice 7.0.0-7.0.1 - Info Disclosure
CVSS 5.4
CVE-2024-26480 HIGH
Statping-ng <0.91.0 - Info Disclosure
CVSS 7.5
CVE-2024-26479 MEDIUM
Statping-ng <0.91.0 - Info Disclosure
CVSS 5.3
CVE-2024-26478 MEDIUM
Statping-ng <0.91.0 - Info Disclosure
CVSS 5.3
CVE-2024-26477 HIGH
Statping-ng <0.91.0 - Info Disclosure
CVSS 7.5
CVE-2024-29720 MEDIUM
Terra Informatica Software, Inc Sciter <4.4.7.0 - Info Disclosure
CVSS 5.5
CVE-2024-38798 MEDIUM
EDK2 < edk2-stable202511 - Exposure of Sensitive Information via Local Access
CVE-2024-25011 MEDIUM
Ericsson Catalog Manager/Ericsson Order Care - Info Disclosure
CVSS 5.3
CVE-2024-13807 HIGH
Xagio SEO <7.1.0.5 - Info Disclosure
CVSS 7.5
CVE-2024-39335 CRITICAL
Mahara 23.04.0-23.04.6 - Exposure of Sensitive Information via Current Submissions Page
CVSS 9.1
CVE-2024-12575 MEDIUM
Poll Maker <= 5.8.9 - Unauthenticated Information Exposure via ays_finish_poll
CVSS 5.3
CVE-2024-58257 MEDIUM
Huawei EnzoH W5611T Firmware - OS Command Injection
CVSS 5.7
CVE-2024-58256 MEDIUM
Huawei EnzoH W5611T Firmware - OS Command Injection
CVSS 4.5
CVE-2024-58255 MEDIUM
Huawei EnzoH-W5611T Firmware - OS Command Injection
CVSS 5.0
CVE-2024-42209 LOW
HCL Connections - Exposure of Sensitive Information via Improper Request Handling
CVSS 3.5
CVE-2024-51769 HIGH
HPE AutoPass License Server <9.17 - Info Disclosure
CVSS 7.5
CVE-2024-13451 MEDIUM
The Contact Form by Bit Form <2.17.4 - Info Disclosure
CVSS 5.3
CVE-2024-38524 MEDIUM
GeoServer < 2.25.6 and 2.26.0-2.26.2 - Exposure of Sensitive Information via GeoWebCache Dispatcher
CVSS 5.3
CVE-2024-34711 CRITICAL
GeoServer < 2.25.0 - XML External Entity Injection via URI Validation Bypass
CVSS 9.3
CVE-2024-56193 MEDIUM
Android - Bluetooth Adapter Details Exposure via Permissions Bypass
CVSS 5.1
CVE-2024-54188 MEDIUM
Infoblox NETMRI <7.6.1 - Info Disclosure
CVSS 5.3
CVE-2024-53359 HIGH
Zalo 23.09.01 - Exposure of Sensitive Information via Crafted GET Request
CVSS 7.5
CVE-2024-13613 HIGH
Wise Chat <= 3.3.3 - Unauthenticated Sensitive Information Exposure via Uploads Directory
CVSS 7.5
CVE-2024-57096 MEDIUM
WPS Office <v.19302 - Info Disclosure
CVSS 5.5
Details
Vulnerabilities 10,129
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits