CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,134 vulnerabilities with CWE-200
CVE-2024-41259 CRITICAL
navidrome < 0.52.3 - Exposure of Sensitive Information via Insecure Gravatar Hashing
CVSS 9.1
CVE-2024-41264 HIGH
casdoor 1.636.0 - Improper Certificate Validation via Insecure SSH Host Key Handling
CVSS 7.5
CVE-2024-7339 MEDIUM
TVT and Provision-ISR DVR - Unauthenticated Sensitive Information Exposure via /queryDevInfo
CVSS 5.3
CVE-2024-6687 MEDIUM
CTT Expresso para WooCommerce <3.2.12 - Info Disclosure
CVSS 5.3
CVE-2024-7328 MEDIUM
YouDianCMS 7 - Information Disclosure via /t.php?action=phpinfo
CVSS 5.3
CVE-2024-41108 HIGH
fogproject 1.5.10-1.5.10.41 - Unauthenticated Information Disclosure via Hostinfo Page
CVSS 7.5
CVE-2024-41109 MEDIUM
Pimcore Admin Classic Bundle <1.3.10/1.4.6/1.5.2 - Sensitive Information Exposure
CVSS 6.3
CVE-2024-41701 MEDIUM
AccuPOS >= 2023.25 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 5.3
CVE-2024-41696 HIGH
PRI WEB Portal Add-On for Priority ERP on prem - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 7.5
CVE-2024-41694 MEDIUM
PineApp Mail Relay - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 5.3
CVE-2024-40836 MEDIUM
watchOS 10.6-macOS Sonoma 14.6-iOS 17.6-iPadOS 17.6 - Info Disclosure
CVSS 5.5
CVE-2024-40823 MEDIUM
macOS < 12.7.6, < 13.6.8, < 14.6 - Unprotected User Data Exposure
CVSS 5.5
CVE-2024-40804 MEDIUM
macOS Sonoma <14.6 - Info Disclosure
CVSS 5.5
CVE-2024-40798 LOW
macOS Sonoma-14.6, iOS 16.7.9, iPadOS 16.7.9, macOS Monterey-12.7.6...
CVSS 3.3
CVE-2024-40793 MEDIUM
iPadOS < 16.7.9 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 5.5
CVE-2024-40775 MEDIUM
macOS < 12.7.6, < 13.6.8, < 14.6 - Unprotected User Data Exposure via Downgrade Attack
CVSS 5.5
CVE-2024-27884 MEDIUM
macOS Sonoma <14.5 - Info Disclosure
CVSS 5.5
CVE-2024-7156 MEDIUM
TOTOLINK A3700R 9.1.2u.5822_B20200513 - Information Disclosure via ExportSettings.sh
CVSS 5.3
CVE-2024-42049 CRITICAL
TightVNC Server for Windows < 2.8.84 - Unauthenticated Exposure of Sensitive Information via Control Pipe
CVSS 9.1
CVE-2024-5614 MEDIUM
Piotnet Addons For Elementor <2.4.29 - Info Disclosure
CVSS 5.3
CVE-2024-6569 MEDIUM
Campaign Monitor for WordPress <2.8.15 - Info Disclosure
CVSS 5.3
CVE-2024-6573 MEDIUM
Intelligence plugin for WordPress <1.4.0 - Info Disclosure
CVSS 5.3
CVE-2024-6566 MEDIUM
Aramex Shipping WooCommerce <1.1.21 - Info Disclosure
CVSS 5.3
CVE-2024-6549 MEDIUM
Admin Post Navigation <2.1 - Info Disclosure
CVSS 5.3
CVE-2024-6548 MEDIUM
WordPress Add Admin <2.0 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities: 10,134
Exploit Likelihood: High