Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-359

CWE-359

Exposure of Private Personal Information to an Unauthorized Actor

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.

184 vulnerabilities with CWE-359

CVE-2024-11206 HIGH

com.transsion.phoenix - Info Disclosure

CVE-2024-49386 MEDIUM

Acronis Cyber Files <9.0.0x24 - Info Disclosure

CVE-2024-47087 MEDIUM

Apex Softcell LD Geo - Info Disclosure

CVE-2024-47085 MEDIUM

Apex Softcell LD DP Back Office - Info Disclosure

CVE-2024-46979 MEDIUM

XWiki 13.2-14.10.20 Unauthorized Access via NotificationFilterPreferenceLivetableResults

CVE-2024-8891 MEDIUM

CIRCUTOR Q-SMT <1.0.4 - Info Disclosure

CVE-2024-45787 MEDIUM

Reedos aiM-Star 2.0.1 - Authenticated Sensitive Information Exposure via API Request Interception

CVE-2024-45591 MEDIUM

XWiki 1.8-15.10.8 - Unauthenticated Exposure of Private Personal Information via REST API

CVE-2024-44113 MEDIUM

SAP Business Warehouse - Info Disclosure

CVE-2024-41729 MEDIUM

SAP NetWeaver BW (BEx Analyzer) - Authenticated Information Disclosure via Missing Authorization Checks

CVE-2024-37136 MEDIUM

Dell Path to PowerProtect <1.2 - Info Disclosure

CVE-2024-6053 MEDIUM

TeamViewer <15.57 - Info Disclosure

CVE-2024-7697 HIGH

Transsion Carlcare - Exposure of Private Personal Information

CVE-2024-42347 HIGH

matrix-react-sdk <3.105.0 - Info Disclosure

CVE-2024-40796 MEDIUM

macOS Sonoma <14.6, iOS/iPadOS <16.7.9, macOS Monterey <12.7.6, mac...

CVE-2024-27881 MEDIUM

macOS 12.0-12.7.5, 13.0-13.6.7, 14.0-14.5 - Unprotected User Contact Data Exposure via Log Entries

CVE-2024-38103 MEDIUM

Microsoft Edge < 127.0.2651.74 - Information Disclosure

CVE-2024-37533 LOW

IBM InfoSphere Information Server 11.7 - Info Disclosure

CVE-2024-30321 MEDIUM

SIMATIC PCS 7 <V9.1 SP2 UC05 - Info Disclosure

CVE-2024-36682 HIGH

PrestaShop <=1.8.8 - Info Disclosure

CVE-2024-36677 HIGH

Weblir Login as customer PRO <1.2.7 - Info Disclosure

CVE-2024-27850 MEDIUM

Safari < 17.5 - User Fingerprinting via Noise Injection Algorithm

CVE-2024-30056 HIGH

Microsoft Edge Chromium < 124.0.2478.109 - Exposure of Private Personal Information

CVE-2024-4767 MEDIUM

Firefox <126, Firefox ESR <115.11, Thunderbird <115.11 - Info Discl...

CVE-2024-33271 HIGH

FME Modules eventsmanager <4.4.0 - Info Disclosure

Previous Page 5 of 8 Next

Details

Vulnerabilities 184

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy