CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,142 vulnerabilities with CWE-200
CVE-2024-39807
LOW
Mattermost 9.5.0-9.5.5 and 9.8.0 - Exposure of Sensitive Information via Webhook Event Recipients
CVSS 3.1
CVE-2024-39353
LOW
Mattermost 9.5.0-9.5.5 and 9.8.0 - Exposure of Sensitive Information via Audit Log Sanitization Issue
CVSS 2.7
CVE-2024-39314
MEDIUM
toy-blog >= 0.4.3 < 0.5.0 - Unauthenticated Exposure of Sensitive Information via Command Line Parameter
CVSS 4.7
CVE-2024-39313
MEDIUM
toy-blog 0.5.4-0.6.1 - Unauthenticated Exposure of Private Articles
CVSS 6.5
CVE-2024-36986
MEDIUM
Splunk Cloud < 9.1.2308.207 - Information Disclosure
CVSS 6.3
CVE-2024-34696
MEDIUM
GeoServer 2.10.0-2.24.4 - Authenticated Exposure of Sensitive Information via Server Status Page
CVSS 4.5
CVE-2024-30135
LOW
HCL DRYiCE AEX - Exposure of Sensitive Information via Mobile Application Snapshot
CVSS 3.3
CVE-2024-2795
MEDIUM
SEO SIMPLE PACK <3.2.1 - Info Disclosure
CVSS 5.3
CVE-2024-22260
MEDIUM
VMware Workspace One UEM - Info Disclosure
CVSS 6.8
CVE-2024-36829
HIGH
Teldat M1 <11.00.05.50.01 - Info Disclosure
CVSS 7.5
CVE-2024-5010
HIGH
WhatsUp Gold < 23.1.3 - Unauthenticated Sensitive Information Exposure via TestController
CVSS 7.5
CVE-2024-6294
LOW
udn News Android APP - Info Disclosure
CVSS 3.9
CVE-2024-34991
HIGH
Quadra Informatique Axepta <1.3.4 - Info Disclosure
CVSS 7.5
CVE-2024-33881
MEDIUM
VirtoSoftware Virto Bulk File Download 5.5.44 - NTLMv2 Hash Leak via UNC Path Traversal
CVSS 5.3
CVE-2024-33880
MEDIUM
VirtoSoftware Virto Bulk File Download 5.5.44 - Exposure of Sensitive Information via Download Endpoint
CVSS 5.3
CVE-2024-5059
MEDIUM
A WP Life Event Management Tickets Booking < 1.4.0 - Exposure of Sensitive Information
CVSS 5.3
CVE-2024-35776
MEDIUM
Exeebit phpinfo() WP <= 5.0 - Unauthenticated Exposure of Sensitive Information
CVSS 5.3
CVE-2024-22002
HIGH
CORSAIR iCUE <5.9.105 - Code Injection
CVSS 7.8
CVE-2024-21685
MEDIUM
Jira Data Center 9.4.0-9.4.20 - Unauthenticated Exposure of Sensitive Information
CVSS 6.5
CVE-2024-37895
MEDIUM
Lobe Chat < 0.162.25 - Exposure of Sensitive Information via SSO/Access Code Authentication
CVSS 5.7
CVE-2024-38467
HIGH
Shenzhen Guoxin Synthesis <8.3.0 - Info Disclosure
CVSS 7.5
CVE-2024-5464
MEDIUM
Huawei EMUI and HarmonyOS - Exposure of Sensitive Information via NearLink Module
CVSS 4.0
CVE-2024-0093
MEDIUM
NVIDIA Virtual GPU < 13.11 and Cloud Gaming < 555.52.04 - Unauthorized Sensitive Information Exposure
CVSS 6.5
CVE-2024-37307
HIGH
Cilium 1.13.0-1.13.16 - Exposure of Sensitive Information via cilium-bugtool Envoy Dump
CVSS 7.9
CVE-2024-30472
HIGH
Telemetry Dashboard v1.0.0.8 - Unauthenticated Exposure of Sensitive Information
CVSS 7.5
Details
Vulnerabilities
10,142
Exploit Likelihood
High