CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,142 vulnerabilities with CWE-200
CVE-2024-23228 LOW
iPadOS < 17.3 - Unauthorized Exposure of Locked Notes Content
CVSS 3.3
CVE-2024-32816 HIGH
PickPlugins Post Grid <2.2.78 - Info Disclosure
CVSS 7.5
CVE-2024-32781 HIGH
ThemeHigh Email Customizer <2.6.0 - Info Disclosure
CVSS 7.5
CVE-2024-32780 MEDIUM
E4J VikRentCar <1.3.2 - Info Disclosure
CVSS 5.9
CVE-2024-32726 HIGH
Frontend Dashboard <= 2.2.2 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 7.5
CVE-2024-32716 MEDIUM
StreamWeasels Twitch Integration <1.7.8 - Info Disclosure
CVSS 5.3
CVE-2024-28963 MEDIUM
Telemetry Dashboard v1.0.0.7 for Dell ThinOS 2402 - Unauthenticated Exposure of Sensitive Proxy Settings Information
CVSS 6.2
CVE-2024-32051 MEDIUM
RoamWiFi R10 <4.8.45 - Info Disclosure
CVSS 6.5
CVE-2024-4022 MEDIUM
Keenetic KN-1010, KN-1410, KN-1711, KN-1810, KN-1910 < 4.1.2.15 - Information Disclosure via /version.js
CVSS 5.3
CVE-2024-4021 MEDIUM
Keenetic KN-* <4.1.2.15 - Info Disclosure
CVSS 5.3
CVE-2024-29961 HIGH
Brocade SANnav <2.3.1-2.3.0a - Info Disclosure
CVSS 8.2
CVE-2024-29987 MEDIUM
Microsoft Edge Chromium < 124.0.2478.51 - Information Disclosure
CVSS 6.5
CVE-2024-23557 LOW
HCL Connections - User Enumeration via Valid User Determination
CVSS 3.5
CVE-2024-31869 MEDIUM
Apache Airflow 2.7.0-2.8.4 - Authenticated Sensitive Information Exposure via Configuration UI Page
CVSS 4.3
CVE-2024-3928 MEDIUM
Dromara open-capacity-platform 2.0.1 - Info Disclosure
CVSS 4.3
CVE-2024-26864 MEDIUM
Linux Kernel 6.1.80-6.1.82, 6.2.0-6.6.22, 6.7.0-6.7.10, 6.8.0-6.8.1 - Sensitive Info Exposure via Refcount Mismanagement
CVSS 5.9
CVE-2024-32506 MEDIUM
SoftLab Radio Player <2.0.73 - Info Disclosure
CVSS 5.4
CVE-2024-29291
Laravel Framework <11 - Info Disclosure
CVE-2024-21095 HIGH
Oracle Primavera P6 EPPM 19.12.0-23.12.2 - Unauthenticated Sensitive Information Exposure
CVSS 8.2
CVE-2024-21077 HIGH
Oracle Trade Management 12.2.3-12.2.13 - Unauthenticated Exposure of Sensitive Information in GL Accounts LOV
CVSS 7.5
CVE-2024-21073 HIGH
Oracle Trade Management 12.2.3-12.2.13 - Unauthenticated Exposure of Sensitive Information in Claim LOV
CVSS 7.5
CVE-2024-21064 MEDIUM
Oracle Business Intelligence Enterprise Edition 7.0.0.0.0/12.2.1.4.0 - Unauthorized Data Access
CVSS 5.4
CVE-2024-21040 MEDIUM
Oracle Complex Maintenance 12.2.3-12.2.13 - Sensitive Information Exposure via LOV
CVSS 6.1
CVE-2024-20991 MEDIUM
Oracle HTTP Server 12.2.1.4.0 - Unauthenticated Exposure of Sensitive Information via Web Listener
CVSS 5.3
CVE-2024-20990 MEDIUM
Oracle Applications Technology 12.2.3-12.2.13 - Unauthenticated Exposure of Sensitive Information via Templates
CVSS 5.3