CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,142 vulnerabilities with CWE-200
CVE-2024-30300 CRITICAL
Adobe Framemaker Publishing Server <= 2022.2 - Information Exposure
CVSS 9.8
CVE-2024-37325 HIGH
Azure Data Science Virtual Machine < 24.05.24 - Elevation of Privilege
CVSS 8.1
CVE-2024-35263 MEDIUM
Microsoft Dynamics 365 (On-Premises) - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 5.7
CVE-2024-30096 MEDIUM
Windows Cryptographic Services - Info Disclosure
CVSS 5.5
CVE-2024-5813 MEDIUM
BeyondInsight Password Safe 23.3-23.3.0.929 - Authenticated SSH Private Key Exposure via Server Response
CVSS 5.9
CVE-2024-4266 MEDIUM
MetForm <= 3.8.8 - Unauthenticated Sensitive Information Exposure via handle_file
CVSS 5.3
CVE-2024-34684 LOW
SAP BusinessObjects Business Intelligence Platform - Authenticated Local Account Password Exposure
CVSS 3.7
CVE-2024-28164 MEDIUM
SAP NetWeaver AS Java - Unauthenticated Exposure of Sensitive Information via CAF Guided Procedures
CVSS 5.3
CVE-2024-36471 HIGH
Apache Allura 1.0.1-1.16.0 - Server-Side Request Forgery via Import Functionality
CVSS 7.5
CVE-2024-36307 MEDIUM
Trend Micro Apex One - Info Disclosure
CVSS 4.7
CVE-2024-27814 LOW
watchOS < 10.5 - Unauthorized Contact Information Exposure from Lock Screen
CVSS 2.4
CVE-2024-27806 MEDIUM
macOS Ventura <13.6.7 - Info Disclosure
CVSS 5.5
CVE-2024-35691 MEDIUM
Marketing Fire, LLC Widget Options - Extended <5.1.0. - Info Disclo...
CVSS 6.5
CVE-2024-35682 MEDIUM
Otter Blocks PRO <= 2.6.11 - Authenticated Exposure of Sensitive Information
CVSS 4.3
CVE-2024-35710 MEDIUM
Podlove Web Player <5.7.3 - Info Disclosure
CVSS 5.3
CVE-2024-5133 HIGH
lunary-ai/lunary <1.2.4 - Privilege Escalation
CVSS 8.1
CVE-2024-37150 HIGH
Deno 1.44.0 - Exposure of Sensitive Information via .npmrc Credential Leak
CVSS 7.6
CVE-2024-35178 HIGH
jupyter_server < 2.14.1 - Unauthenticated NTLMv2 Password Hash Exposure
CVSS 7.5
CVE-2024-5615 MEDIUM
Open Graph plugin <1.11.2 - Info Disclosure
CVSS 5.3
CVE-2024-0910 MEDIUM
Restrict for Elementor <1.0.7 - Info Disclosure
CVSS 5.3
CVE-2024-3716 MEDIUM
Red Hat Satellite - Exposure of Sensitive Information via Candlepin Password Leak in Process List
CVSS 6.2
CVE-2024-5483 MEDIUM
LearnPress - WordPress LMS Plugin <4.2.6.8 - Info Disclosure
CVSS 5.3
CVE-2024-36121 MEDIUM
Netty OHTTP Codec 0.0.3-0.0.11 - Nonce Reuse via Sequence Overflow
CVSS 5.9
CVE-2024-4220 MEDIUM
BeyondInsight <23.1 - Info Disclosure
CVSS 4.3
CVE-2024-34754 MEDIUM
A WP Life Contact Form Widget <1.3.9 - Info Disclosure
CVSS 5.3