CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,133 vulnerabilities with CWE-200
CVE-2024-8612 LOW
Red Hat Enterprise Linux - Information Disclosure in virtio-scsi, virtio-blk, and virtio-crypto Devices
CVSS 3.8
CVE-2024-47060 MEDIUM
Zitadel < 2.54.10 and 2.62.0-2.62.1 - Unauthorized Access via Inactive Organization Projects
CVSS 4.3
CVE-2024-47059 MEDIUM
Mautic 5.1.0 - Username Enumeration via Weak Password Login Response
CVSS 4.3
CVE-2024-46987 HIGH
Camaleon CMS 2.8.0-2.8.1 - Authenticated Path Traversal via MediaController Download
CVSS 7.7
CVE-2024-46979 MEDIUM
XWiki 13.2-14.10.20 - Unauthorized Access via NotificationFilterPreferenceLivetableResults
CVSS 5.3
CVE-2024-8969 MEDIUM
OMFLOW < 1.2.0 - Authenticated Exposure of Sensitive Information
CVSS 6.5
CVE-2024-45811 MEDIUM
Vite 5.4.0-5.4.5, 5.3.0-5.3.5, 5.0.0-5.2.13, 4.0.0-4.5.4, < 3.2.11 - Unauthenticated Arbitrary File Read via @fs Bypass
CVSS 4.8
CVE-2024-44186 MEDIUM
macOS < 15.0 - Unprotected User Data Exposure via Sandbox Restriction Bypass
CVSS 5.5
CVE-2024-44184 MEDIUM
iPadOS < 17.7 - Unauthorized Access to User-Sensitive Data
CVSS 5.5
CVE-2024-44182 MEDIUM
macOS < 13.7, < 14.7, < 15 - Unprotected User Data Exposure via Shortcut Launch Failure Logging
CVSS 5.5
CVE-2024-44181 MEDIUM
macOS < 13.7, < 14.7, < 15 - Unauthorized Sensitive Location Information Exposure via Temporary File Handling
CVSS 5.5
CVE-2024-44180 LOW
iPadOS < 18.0 - Unauthorized Contact Access from Lock Screen
CVSS 2.4
CVE-2024-44163 MEDIUM
macOS < 13.7, < 14.7, < 15 - Unauthorized Access to Private Information
CVSS 5.5
CVE-2024-44158 MEDIUM
iPadOS < 17.7 - Unprotected User Data Exposure via Shortcut
CVSS 5.5
CVE-2024-44152 HIGH
macOS < 15.0 - Unprotected User Data Exposure via Log Entry
CVSS 7.5
CVE-2024-44139 LOW
iPadOS and iOS < 18 - Unauthorized Contact Access from Lock Screen
CVSS 2.4
CVE-2024-44129 MEDIUM
macOS < 13.7 - Unauthorized Sensitive Information Exposure
CVSS 5.5
CVE-2024-40863 MEDIUM
iPadOS < 18.0 - Unauthorized Exposure of Sensitive User Information
CVSS 5.5
CVE-2024-40862 MEDIUM
Xcode < 16.0 - Unauthorized Apple ID Exposure
CVSS 5.3
CVE-2024-40850 MEDIUM
macOS Ventura < 13.7 - Info Disclosure
CVSS 5.5
CVE-2024-40842 MEDIUM
macOS Sequoia < 15 - Info Disclosure
CVSS 5.5
CVE-2024-40838 LOW
macOS Sequoia < 15 - Info Disclosure
CVSS 3.3
CVE-2024-45799 HIGH
FluxCP < 1.3.0 - Stored Cross-Site Scripting via Shop Names
CVSS 7.3
CVE-2024-8780 MEDIUM
OMFLOW < 1.2.1.3 - Unauthorized Sensitive Information Exposure via Data Query Functionality
CVSS 6.5
CVE-2024-8777 HIGH
syscomgo omflow 1.1.6.0-1.2.1.2 - Unauthenticated Information Leakage via LDAP Configuration
CVSS 7.5