CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,142 vulnerabilities with CWE-200
CVE-2024-6556 MEDIUM
SmartCrawl WordPress SEO checker <3.10.8 - Info Disclosure
CVSS 5.3
CVE-2024-6550 MEDIUM
Gravity Forms: Multiple Form Instances <1.1.1 - Info Disclosure
CVSS 5.3
CVE-2024-32670 HIGH
Samsung Galaxy SmartTag2 <0.20.04 - Info Disclosure
CVE-2024-38970 MEDIUM
vaethink 1.0.2 - Exposure of Sensitive Information via Access Management Administrator Function
CVSS 4.9
CVE-2024-27362 MEDIUM
Samsung Mobile Processors - Info Disclosure
CVSS 4.4
CVE-2024-38041 MEDIUM
Windows Kernel - Information Disclosure
CVSS 5.5
CVE-2024-38030 MEDIUM
Windows 10/11, Server 2012-2022 - Unauthorized Information Exposure via Theme Spoofing
CVSS 6.5
CVE-2024-38020 MEDIUM
Microsoft Outlook - Spoofing
CVSS 6.5
CVE-2024-38017 MEDIUM
Microsoft Message Queuing - Info Disclosure
CVSS 5.5
CVE-2024-30081 HIGH
Windows NTLM Spoofing - Privilege Escalation
CVSS 7.1
CVE-2024-6612 MEDIUM
Firefox < 128 and Thunderbird < 128 - DNS Prefetch Information Leak via CSP Violation Console Links
CVSS 5.3
CVE-2024-3228 MEDIUM
Social Sharing Plugin - Kiwi plugin for WordPress <2.1.7 - Info Dis...
CVSS 5.3
CVE-2024-39600 MEDIUM
SAP GUI for Windows - Unauthenticated Exposure of Sensitive Information via Memory
CVSS 5.0
CVE-2024-37180 MEDIUM
SAP Basis - Unauthenticated Exposure of Sensitive Information via Remote-Enabled Function Module
CVSS 4.1
CVE-2024-39593 MEDIUM
SAP Landscape Management - Authenticated Exposure of Sensitive Information via REST Provider Definition Response
CVSS 6.9
CVE-2024-39896 HIGH
Directus < 10.13.0 - User Enumeration via SSO Error Messages
CVSS 7.5
CVE-2024-23562 MEDIUM
HCL Domino - Unauthenticated Sensitive Information Exposure
CVSS 5.3
CVE-2024-40597 HIGH
MediaWiki <1.42.1 - Info Disclosure
CVSS 7.5
CVE-2024-39182 HIGH
ISPmanager <6.98.0 - Info Disclosure
CVSS 7.5
CVE-2024-39210 HIGH
Best House Rental Management System < 1.0 - Arbitrary File Read via Page Parameter
CVSS 7.5
CVE-2024-6506 HIGH
MRW plugin <5.4.3 - Info Disclosure
CVSS 8.2
CVE-2024-32754 LOW
Johnson Controls Kantech KT1, KT2, KT400 - Unauthenticated Sensitive Info Exposure via Factory Reset
CVSS 3.1
CVE-2024-39683 MEDIUM
ZITADEL 2.53.0-2.53.7 - Unauthorized Exposure of User Sessions via Session Listing
CVSS 5.7
CVE-2024-36122 LOW
Discourse < 3.2.3 and < 3.3.0.beta4 - Unauthorized Email Exposure in Review Queue
CVSS 2.4
CVE-2024-6426 HIGH
MESbook 20221021.03 - Info Disclosure
CVSS 8.1