CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,133 vulnerabilities with CWE-200
CVE-2024-42006 HIGH
Keyfactor AWS Orchestrator < 2.01 - Information Disclosure
CVSS 7.5
CVE-2024-41700 HIGH
Barix SIP Client Firmware - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 7.5
CVE-2024-41698 MEDIUM
Priority < 24.0 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 4.3
CVE-2024-7925 MEDIUM
ZZCMS 2023 - Information Disclosure via eginfo.php phome Parameter
CVSS 4.3
CVE-2024-42658 CRITICAL
Wishnet Nepstech Wifi Router <1.0 - Info Disclosure
CVSS 9.8
CVE-2024-42657 HIGH
Wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 - Info Disclosure
CVSS 7.5
CVE-2024-42486 MEDIUM
Cilium <1.15.8-1.16.1 - Privilege Escalation
CVSS 5.4
CVE-2024-7630 MEDIUM
Relevanssi < 4.23.0 and Premium < 2.25.1 - Unauthenticated Sensitive Information Exposure via Search Query
CVSS 5.3
CVE-2024-7843 MEDIUM
Online Graduate Tracer System 1.0 - Information Disclosure in Export CSV Function
CVSS 5.3
CVE-2024-7842 MEDIUM
SourceCodester Online Graduate Tracer System 1.0 - Information Disclosure in Export Function
CVSS 5.3
CVE-2024-27731 MEDIUM
Friendica 2023.12 - Cross-Site Scripting via File Attachment Parameter
CVSS 6.1
CVE-2024-31799 MEDIUM
GNCC's GC2 Indoor Security Camera 1080P - Info Disclosure
CVSS 4.6
CVE-2024-7411 MEDIUM
Newsletters plugin <4.9.9 - Info Disclosure
CVSS 5.3
CVE-2024-7063 MEDIUM
ElementsKit Pro <= 3.6.6 - Authenticated Sensitive Information Exposure via render_raw Function
CVSS 4.3
CVE-2024-27120 HIGH
ComfortKey <24.1.2 - Info Disclosure
CVSS 7.5
CVE-2024-42435 MEDIUM
Zoom Workplace Apps - Info Disclosure
CVSS 4.9
CVE-2024-39822 MEDIUM
Zoom Meeting SDK <6.0.12, Rooms <6.1.0, Rooms Controller <6.1.0, Workplace <6.0.12 - Sensitive Info Exposure
CVSS 6.5
CVE-2024-41723 MEDIUM
F5 BIG-IP 15.1.0 - Exposure of Sensitive Information via iControl REST
CVSS 4.3
CVE-2024-38760 MEDIUM
David Maucher Send Users Email <1.5.1 - Info Disclosure
CVSS 5.3
CVE-2024-38756 MEDIUM
Weblizar Coming Soon <1.6.3 - Info Disclosure
CVSS 5.3
CVE-2024-38749 MEDIUM
Olive Themes Olive One Click Demo Import <1.1.2 - Info Disclosure
CVSS 5.3
CVE-2024-38747 HIGH
HitPay Payment Gateway <4.1.3 - Info Disclosure
CVSS 7.5
CVE-2024-38742 MEDIUM
MBE eShip <= 2.1.2 - Exposure of Sensitive Information via Improper Access Control
CVSS 5.3
CVE-2024-41736 MEDIUM
SAP Permit to Work - Authenticated Exposure of Sensitive Information
CVSS 4.3
CVE-2024-41733 MEDIUM
SAP Commerce - Unauthenticated User Enumeration via Registration and Login Processes
CVSS 5.3
Details
Vulnerabilities 10,133
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits