CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,146 vulnerabilities with CWE-200
CVE-2023-48129 MEDIUM
Line kimono-oldnew mini-app 13.6.1 - Unauthorized Sensitive Information Exposure via Channel Access Token Leakage
CVSS 5.4
CVE-2023-48135 MEDIUM
Line v13.6.1 - Exposure of Sensitive Information via Notification Channel Access Token
CVSS 5.4
CVE-2023-48132 MEDIUM
Line v13.6.1 - Exposure of Sensitive Information via Channel Access Token Leakage
CVSS 5.4
CVE-2023-48131 MEDIUM
Line v13.6.1 - Exposure of Sensitive Information via CHIGASAKI BAKERY Mini-App
CVSS 5.4
CVE-2023-48130 MEDIUM
Line GINZA CAFE mini-app 13.6.1 - Unauthorized Sensitive Information Exposure via Channel Access Token Leakage
CVSS 5.4
CVE-2023-43998 MEDIUM
Line v13.6.1 - Exposure of Sensitive Information via Notification Channel Access Token Leakage
CVSS 5.4
CVE-2023-43997 MEDIUM
Yoruichi hobby base mini-app <Line v13.6.1 - Info Disclosure
CVSS 5.4
CVE-2023-43996 MEDIUM
Q co ltd mini-app on Line <13.6.1 - Info Disclosure
CVSS 5.4
CVE-2023-43995 MEDIUM
picot.golf mini-app <Line 13.6.1 - Info Disclosure
CVSS 5.4
CVE-2023-43994 MEDIUM
Line v13.6.1 - Exposure of Sensitive Information via Channel Access Token Leakage
CVSS 5.4
CVE-2023-43993 MEDIUM
Line 13.6.1 - Exposure of Sensitive Information via Channel Access Token Leakage
CVSS 5.4
CVE-2023-43992 MEDIUM
STOCKMAN GROUP mini-app <Line 13.6.1 - Info Disclosure
CVSS 5.4
CVE-2023-48714 MEDIUM
Silverstripe Framework <4.13.39, <5.1.11 - Info Disclosure
CVSS 4.3
CVE-2023-42888 MEDIUM
iPadOS 16.0-16.7.5 - Exposure of Sensitive Information via Maliciously Crafted Image
CVSS 5.5
CVE-2023-28901 MEDIUM
Skoda Connect - Unauthenticated Exposure of Sensitive Vehicle Data via VIN Parameter
CVSS 5.3
CVE-2023-28900 MEDIUM
Skoda Connect - Unauthenticated Exposure of Sensitive User Information via VIN Query
CVSS 5.3
CVE-2023-7031 MEDIUM
Avaya Aura Experience Portal 8.0.0-8.1.2.0.0402 - Authenticated Insecure Direct Object Reference
CVSS 5.7
CVE-2023-50950 LOW
IBM QRadar SIEM 7.5 - Unauthorized Sensitive Email Information Exposure via Offense Rule Responses
CVSS 3.7
CVE-2023-45236 MEDIUM
EDK2 < 202311 - Predictable TCP Initial Sequence Number in Network Package
CVSS 5.8
CVE-2023-52101 CRITICAL
Huawei EMUI and HarmonyOS - Exposure of Sensitive Information via Wi-Fi Module
CVSS 9.1
CVE-2023-44112 HIGH
Device Authentication Module - Memory Corruption
CVSS 7.5
CVE-2023-50290 MEDIUM
Apache Solr 9.0.0-9.2.9 - Authenticated Exposure of Sensitive Information via Metrics API
CVSS 6.5
CVE-2023-49261 HIGH
Token Key Disclosure - Info Disclosure
CVSS 7.5
CVE-2023-6266 HIGH
WordPress Backup Migration <1.3.6 - Info Disclosure
CVSS 7.5
CVE-2023-42934 MEDIUM
iPadOS < 17.0 - Unauthorized Information Disclosure via Root App
CVSS 4.2
Details
Vulnerabilities 10,146
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits