CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,142 vulnerabilities with CWE-200
CVE-2024-34529 MEDIUM
Nebari - Exposure of Sensitive Information via Keycloak Root Password
CVSS 4.8
CVE-2024-3870 MEDIUM
Contact Form 7 Database Addon - CFDB7 <= 1.2.6.8 - Sensitive Information Exposure
CVSS 5.3
CVE-2024-0615 MEDIUM
Content Control < 2.1.0 - Unauthenticated Sensitive Information Exposure
CVSS 5.3
CVE-2024-25458 HIGH
CYCZCAM, SHIX ZHAO, SHIXCAM A9 Camera - Info Disclosure
CVSS 7.5
CVE-2024-24313 HIGH
Vaales Technologies V_QRS <2024-01-17 - Info Disclosure
CVSS 7.5
CVE-2024-32967 MEDIUM
zitadel < 2.45.7 and 2.50.0-2.50.3 - Unauthorized Sensitive Information Exposure via Database Connection Error
CVSS 5.3
CVE-2024-32963 MEDIUM
Navidrome < 0.52.0 - Unauthenticated User Impersonation via Parameter Tampering
CVSS 4.2
CVE-2024-33437 HIGH
CSS Exfil Protection 1.1.0 - Exposure of Sensitive Information via Missing CSS Style Rules Support
CVSS 7.5
CVE-2024-33436 MEDIUM
CSS Exfil Protection 1.1.0 - Exposure of Sensitive Information via Missing CSS Variable Support
CVSS 5.3
CVE-2024-29384 HIGH
CSS Exfil Protection <1.1.0 - Info Disclosure
CVSS 7.5
CVE-2024-33309 HIGH
TVS Motor Company Limited TVS Connet <4.5.1, 5.0.0 - Info Disclosure
CVSS 7.5
CVE-2024-33575 MEDIUM
User Meta <= 3.0 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 5.3
CVE-2024-33538 MEDIUM
Fastline Media LLC Assistant - Info Disclosure
CVSS 5.3
CVE-2024-4300 CRITICAL
E-WEBInformationCo. FS-EZViewer(Web) - Info Disclosure
CVSS 9.8
CVE-2024-3682 MEDIUM
WP STAGING/WP STAGING Pro <3.4.3/<5.4.3 - Info Disclosure
CVSS 5.3
CVE-2024-32046 MEDIUM
Mattermost <9.6.0, <9.5.2, <9.4.4 and <8.1.11 - Info Disclosure
CVSS 4.3
CVE-2024-2920 MEDIUM
WP-Members Membership Plugin <3.4.9.3 - Info Disclosure
CVSS 5.3
CVE-2024-33669 MEDIUM
Passbolt Browser Extension < 4.6.2 - Password Information Leak via HaveIBeenPwned API Requests
CVSS 6.1
CVE-2024-32467 MEDIUM
MeterSphere <2.10.14-lts - Info Disclosure
CVSS 5.7
CVE-2024-1139 HIGH
OpenShift cluster-monitoring-operator - Exposure of Sensitive Information via Pod Manifest
CVSS 7.7
CVE-2024-1102 MEDIUM
jberet < 2.2.1 - Unprotected Credential Exposure via Exception Logging
CVSS 6.5
CVE-2024-3733 MEDIUM
Essential Addons for Elementor - Info Disclosure
CVSS 5.3
CVE-2024-25917 HIGH
CodeRevolution WP Setup Wizard <1.0.8.1 - Info Disclosure
CVSS 8.8
CVE-2024-4173 HIGH
Brocade SANnav < 2.2.0 - Unauthenticated Exposure of Sensitive Information via Kafka Interface
CVSS 7.6
CVE-2024-4159 MEDIUM
Brocade SANnav < 2.3.0a - Unauthenticated Exposure of Sensitive Docker Information via Ports 2377/TCP and 7946/TCP
CVSS 4.3