CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,142 vulnerabilities with CWE-200
CVE-2024-32086 HIGH
AitThemes Citadela Listing <5.18.1 - Info Disclosure
CVSS 7.5
CVE-2024-3574 HIGH
scrapy < 2.11.1 - Authorization Header Leak via Cross-Domain Redirect
CVSS 7.5
CVE-2024-31219 MEDIUM
Discourse-reactions - Info Disclosure
CVSS 4.3
CVE-2024-3780 HIGH
Technicolor CGA2121 <1.01 - Info Disclosure
CVSS 7.8
CVE-2024-24898 MEDIUM
openEuler kernel <4.19.90-2403.4.0.0244 - Info Disclosure
CVSS 6.0
CVE-2024-24891 MEDIUM
openEuler kernel <4.19.90-2403.4.0.0244 - Info Disclosure
CVSS 6.0
CVE-2024-22435 HIGH
Web ViewPoint Enterprise - Info Disclosure
CVSS 8.3
CVE-2024-3505 MEDIUM
JFrog Artifactory Self-Hosted <7.77.3 - Info Disclosure
CVSS 4.3
CVE-2024-29843 HIGH
Evolution Controller <2.04.560.31.03.2024 - Info Disclosure
CVSS 7.5
CVE-2024-29842 HIGH
Evolution Controller <2.04.560.31.03.2024 - Info Disclosure
CVSS 7.5
CVE-2024-29841 HIGH
Evolution Controller <2.04.560.31.03.2024 - Info Disclosure
CVSS 7.5
CVE-2024-29840 HIGH
Evolution Controller <2.04.560.31.03.2024 - Info Disclosure
CVSS 7.5
CVE-2024-29839 HIGH
Evolution Controller <2.04.560.31.03.2024 - Info Disclosure
CVSS 7.5
CVE-2024-29023 HIGH
Xibo <3.3.10-4.0.9 - Info Disclosure
CVSS 7.2
CVE-2024-3689 LOW
Zoneland O2oa < 2024-04-03 - Information Disclosure
CVSS 3.7
CVE-2024-30381 HIGH
Juniper Paragon Active Assurance Cont... - Information Disclosure
CVSS 8.4
CVE-2024-3706 MEDIUM
OpenGnsys 1.1.1d - Exposure of Sensitive Information via Backup File
CVSS 5.9
CVE-2024-29400 HIGH
RuoYi 4.5.1 - Exposure of Sensitive Information via Status Parameter
CVSS 7.5
CVE-2024-22734 MEDIUM
AMCS Group Trux Waste Mgmt <7.19.0018.26912 - Info Disclosure
CVSS 6.2
CVE-2024-2966 MEDIUM
Element Pack Elementor Addons <5.5.6 - Info Disclosure
CVSS 5.3
CVE-2024-2740 HIGH
Planet IGS-4215-16T2S <1.305b210528 - Info Disclosure
CVSS 7.7
CVE-2024-31464 MEDIUM
XWiki Platform 5.0-rc-1-14.10.18 - Authenticated Exposure of Sensitive Information via History Diff Feature
CVSS 6.8
CVE-2024-1643 CRITICAL
lunary-ai/lunary < 1.2.2 - Unauthenticated Organization Join and Data Access via Insufficient Permission Verification
CVSS 9.1
CVE-2024-31302 MEDIUM
CodePeople Contact Form Email < 1.3.44 - Exposure of Sensitive Information
CVSS 5.3
CVE-2024-2974 MEDIUM
Essential Addons for Elementor - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 10,142
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits