CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,129 vulnerabilities with CWE-200
CVE-2024-56526 MEDIUM
OXID eShop < 7.0.5 - Unauthorized User Information Exposure via Smarty Syntax Error
CVSS 4.9
CVE-2024-58252 MEDIUM
HarmonyOS - Exposure of Sensitive Information via Media Library Module
CVSS 6.2
CVE-2024-11994 MEDIUM
Elastic APM Server 8.0.0-8.16.0 - Sensitive Information Exposure in Error Logs
CVSS 5.7
CVE-2024-11299 MEDIUM
Memberpress <1.11.37 - Info Disclosure
CVSS 5.3
CVE-2024-52280 HIGH
SUSE rancher <c744f0b - Info Disclosure
CVSS 7.7
CVE-2024-52282 MEDIUM
SUSE Rancher <2.8.10-2.9.4 - Info Disclosure
CVSS 6.2
CVE-2024-13820 MEDIUM
Melhor Envio <2.15.9 - Info Disclosure
CVSS 5.3
CVE-2024-43046 MEDIUM
Qualcomm CSR8811 and FastConnect Firmware - Information Disclosure in TZ Secure OS Memory Re-allocation
CVSS 5.5
CVE-2024-13604 HIGH
KB Support - Sensitive Information Exposure
CVSS 7.5
CVE-2024-42208 LOW
HCL Connections - Exposure of Sensitive Information via Improper Request Handling
CVSS 3.5
CVE-2024-13567 HIGH
Awesome Support - WordPress HelpDesk & Support Plugin <6.3.1 - Info...
CVSS 7.5
CVE-2024-40864 LOW
macOS Ventura <13.7.5 - Info Disclosure
CVSS 2.7
CVE-2024-13498 MEDIUM
NEX-Forms <= 8.8.1 - Unauthenticated Sensitive Information Exposure via File Uploads
CVSS 5.3
CVE-2024-54473 MEDIUM
macOS < 15.0 - Unprotected User Data Exposure via Improper Redaction
CVSS 5.5
CVE-2024-54469 MEDIUM
iPadOS < 18.0 - Unauthorized Sensitive Information Exposure
CVSS 5.5
CVE-2024-54467 MEDIUM
Safari < 18 - Unauthorized Data Exfiltration via Cookie Management Issue
CVSS 6.5
CVE-2024-54463 MEDIUM
macOS < 15.0 - Unauthorized Access to Removable Volumes
CVSS 5.5
CVE-2024-44179 LOW
iPadOS < 17.7 - Unauthorized Contact Number Exposure via Lock Screen
CVSS 2.4
CVE-2024-10321 MEDIUM
All-in-One Addons for Elementor - WidgetKit <= 2.5.5 - Sensitive Information Exposure
CVSS 4.3
CVE-2024-13640 MEDIUM
Print Invoice & Delivery Notes for WooCommerce <5.4.1 - Info Disclo...
CVSS 5.9
CVE-2024-13086 MEDIUM
QNAP QTS and QuTS hero - Exposure of Sensitive Information
CVSS 5.3
CVE-2024-11153 MEDIUM
Content Control < 2.5.0 - Unauthenticated Sensitive Information Exposure
CVSS 5.3
CVE-2024-58049 MEDIUM
HarmonyOS - Incorrect Default Permissions in Media Library Module
CVSS 5.0
CVE-2024-58047 MEDIUM
HarmonyOS - Incorrect Default Permissions in Media Library Module
CVSS 5.0
CVE-2024-53011 HIGH
Qualcomm Snapdragon and FastConnect Firmware - Information Disclosure in Video Analytics Engine
CVSS 7.9
Details
Vulnerabilities 10,129
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits