CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,133 vulnerabilities with CWE-200
CVE-2024-45134 LOW
Adobe Commerce <2.4.7-p2 - Info Disclosure
CVSS 2.7
CVE-2024-6747 MEDIUM
Checkmk <2.3.0p18, <2.2.0p36, <2.1.0p49, EOL - Info Disclosure
CVSS 5.3
CVE-2024-30118 LOW
HCL Connections - Exposure of Sensitive Information via Improper Request Handling
CVSS 3.5
CVE-2024-3656 HIGH
Keycloak < 24.0.5 - Authenticated Privilege Escalation via Admin REST API Endpoints
CVSS 8.1
CVE-2024-43610 HIGH
Copilot Studio - Unauthenticated Exposure of Sensitive Information
CVSS 7.4
CVE-2024-43609 MEDIUM
Microsoft 365 Apps and Office - Exposure of Sensitive Information via Spoofing
CVSS 6.5
CVE-2024-33506 LOW
FortiManager < 7.2.6 - Authenticated Exposure of Sensitive Information via Crafted HTTP Requests
CVSS 3.3
CVE-2024-8884 CRITICAL
Schneider Electric System Monitor in Harmony Industrial PC & Pro-face PS5000 - Sensitive Info Exposure via HTTP
CVSS 9.8
CVE-2024-47344 MEDIUM
StylemixThemes uListing <2.1.5 - Info Disclosure
CVSS 5.3
CVE-2024-45250 MEDIUM
ZKteco iClock v3.1-168 - Exposure of Sensitive Information
CVSS 4.3
CVE-2024-45245 HIGH
Vynamic View < 5.9.5 - Exposure of Sensitive Information
CVSS 7.8
CVE-2024-47848 MEDIUM
The Wikimedia Foundation Mediawiki - PageTriage <1.39.9-1.42.2 - In...
CVE-2024-20491 MEDIUM
Cisco Nexus Dashboard Insights - Info Disclosure
CVSS 6.3
CVE-2024-20490 MEDIUM
Cisco Nexus Dashboard - Info Disclosure
CVSS 6.3
CVE-2024-46548 MEDIUM
TP-Link Tapo P125M & Kasa KP125M v1.0.3 - Info Disclosure
CVSS 6.3
CVE-2024-47532 MEDIUM
RestrictedPython <7.3 - Info Disclosure
CVSS 6.5
CVE-2024-45792 MEDIUM
MantisBT < 2.26.4 - Authenticated Exposure of Sensitive Information via Crafted POST Request
CVSS 6.5
CVE-2024-46471 HIGH
CodeAstro Membership Management System 1.0 - Exposure of Sensitive Information via Directory Listing
CVSS 7.5
CVE-2024-47197 HIGH
Maven Archetype Plugin <3.3.0 - Info Disclosure
CVSS 7.5
CVE-2024-43237 MEDIUM
TaxoPress WordPress Tag Cloud Plugin - Info Disclosure
CVSS 5.3
CVE-2024-8516 MEDIUM
Themesflat Addons For Elementor <2.2.1 - Info Disclosure
CVSS 4.3
CVE-2024-8483 MEDIUM
MAS Static Content <1.0.8 - Info Disclosure
CVSS 4.3
CVE-2024-7426 MEDIUM
PeepSo < 6.4.6.0 - Unauthenticated Full Path Disclosure via sse.php
CVSS 5.3
CVE-2024-8801 MEDIUM
Happy Addons for Elementor <3.12.2 - Info Disclosure
CVSS 4.3
CVE-2024-42351 MEDIUM
Galaxy < 21.05 - Unauthenticated Data Tampering via Public Dataset Replacement
CVSS 6.5