CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,142 vulnerabilities with CWE-200
CVE-2024-29883 MEDIUM
CreateWiki < 2024-03-26 - Unauthorized Exposure of Sensitive Information via Wiki Request Suppression
CVSS 4.9
CVE-2024-30233 MEDIUM
WholesaleX <1.3.1 - Info Disclosure
CVSS 6.5
CVE-2024-29199 LOW
Nautobot < 1.6.16 - Unauthenticated Exposure of Sensitive Information via URL Endpoints
CVSS 3.7
CVE-2024-2728 MEDIUM
CIGESv2 - Exposure of Sensitive Information via TLS Implementation Flaw
CVSS 4.1
CVE-2024-2725 HIGH
CIGESv2 - Exposure of Sensitive Information via /vendor/composer/installed.json
CVSS 7.5
CVE-2024-2080 MEDIUM
LiquidPoll <3.3.76 - Info Disclosure
CVSS 4.3
CVE-2024-27277 MEDIUM
IBM Storage Protect Plus Server <10.1.16 - Info Disclosure
CVSS 6.2
CVE-2024-29036 MEDIUM
Saleor React Storefront < 1.0.2 - Unauthenticated Exposure of Sensitive User Data via Cache Leak
CVSS 4.3
CVE-2024-27286 MEDIUM
Zulip Server 3.0-8.3 - Unauthorized Sensitive Information Exposure via Message Move Operation
CVSS 6.5
CVE-2024-1477 MEDIUM
Easy Maintenance Mode <1.4.2 - Info Disclosure
CVSS 5.3
CVE-2024-2632 HIGH
Cegid Meta4 HR >=819.001.022 <819.001.022 - Exposure of Sensitive Information via dumpenv.jsp
CVSS 7.5
CVE-2024-26119 MEDIUM
Adobe Experience Manager < 6.5.20.0 and < 2024.3.0 - Information Exposure
CVSS 5.3
CVE-2024-26063 MEDIUM
Adobe Experience Manager < 6.5.20.0 and < 2024.3.0 - Information Exposure and Security Feature Bypass
CVSS 5.3
CVE-2024-27769 HIGH
Unitronics Unistream Unilogic <1.35.227 - Info Disclosure
CVSS 8.8
CVE-2024-25903 MEDIUM
N-Media Frontend File Manager <= 22.7 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 5.3
CVE-2024-25591 MEDIUM
Benjamin Rojas WP Editor <1.2.7 - Info Disclosure
CVSS 5.3
CVE-2024-25933 MEDIUM
PeproDev Ultimate Invoice <= 1.9.7 - Exposure of Sensitive Information
CVSS 5.3
CVE-2024-24867 MEDIUM
Osamaesh WP Visitor Statistics <6.9.4 - Info Disclosure
CVSS 5.3
CVE-2024-24845 MEDIUM
Post Thumbnail Editor <2.4.8 - Info Disclosure
CVSS 5.3
CVE-2024-23523 MEDIUM
Elementor Pro <3.19.2 - Info Disclosure
CVSS 6.5
CVE-2024-28242 MEDIUM
Discourse - Unauthorized Exposure of Secret Category Information via Background Settings
CVSS 5.3
CVE-2024-24748 MEDIUM
Discourse < 3.2.0 - Unauthorized Secret Subcategory Exposure
CVSS 5.3
CVE-2024-28849 MEDIUM
follow-redirects < 1.15.6 - Exposure of Sensitive Information via Proxy-Authentication Header
CVSS 6.5
CVE-2024-28193 MEDIUM
your_spotify < 1.8.0 - Unauthorized Exposure of Spotify API Tokens via Public Token
CVSS 6.5
CVE-2024-2106 MEDIUM
MasterStudy LMS <3.2.10 - Info Disclosure
CVSS 5.3