Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-359

CWE-359

Exposure of Private Personal Information to an Unauthorized Actor

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.

184 vulnerabilities with CWE-359

CVE-2024-29987 MEDIUM

Microsoft Edge Chromium < 124.0.2478.51 - Information Disclosure

CVE-2024-29986 MEDIUM

Microsoft Edge Chromium for Android < 124.0.2478.51 - Exposure of Private Personal Information

CVE-2024-29888 MEDIUM

Saleor 3.14.56-3.14.61 - Unauthorized Exposure of Private Personal Information via Click-and-Collect Address Overwrite

CVE-2024-28387 HIGH

axonaut < 3.2.0 - Sensitive Information Exposure via log.txt

CVE-2024-26192 HIGH

Microsoft Edge Chromium < 122.0.2365.52 - Information Disclosure

CVE-2024-23211 LOW

Safari < 17.3 - Unauthorized Exposure of Private Browsing Activity

CVE-2023-45721 MEDIUM

HCL Domino Leap 1.1-1.1.3 - Unauthenticated Exposure of Private Personal Information

CVE-2023-45720 MEDIUM

HCL Leap < 9.3.5 - Unauthenticated Exposure of Private Personal Information via Insufficient Default Configuration

CVE-2023-44255 MEDIUM

Fortinet FortiManager <7.4.2, FortiAnalyzer <7.4.2, FortiAnalyzer-B...

CVE-2023-50053 HIGH

Foundation.app Foundation platform 1.0 - Info Disclosure

CVE-2023-6695 MEDIUM

Beaver Themer <1.4.9 - Info Disclosure

CVE-2023-48680 MEDIUM

Acronis Cyber Protect <16 - Info Disclosure

CVE-2023-7014 MEDIUM

Molongui Authorship < 4.7.4 - Unauthenticated Sensitive Information Exposure via ma_debu Parameter

CVE-2023-6630 MEDIUM

Contact Form 7 - Insecure Direct Object Reference

CVE-2023-42830 LOW

iPadOS < 16.4 - Unauthorized Access to Sensitive Location Information via Log Entries

CVE-2023-50719 HIGH

XWiki Platform 7.2-milestone-2-14.10.14 - Unauthenticated Exposure of Sensitive Information via Solr Search

CVE-2023-25632 MEDIUM

Android Mobile Whale <3.0.1.2 - Auth Bypass

CVE-2023-5983 HIGH

Botanik Software Pharmacy Automation <2.1.133.0 - Info Disclosure

CVE-2023-36052 HIGH

Azure Command-Line Interface < 2.53.1 - Exposure of Private Personal Information via REST Command

CVE-2023-36018 HIGH

Visual Studio Code Jupyter Extension - SSRF

CVE-2023-34085 LOW

PingFederate < 11.3.0 - Unauthorized Exposure of Private User Attributes via DynamoDB Request

CVE-2023-44213 MEDIUM

Acronis Agent < c23.06 - Sensitive Information Disclosure via Excessive System Information Collection

CVE-2023-44156 HIGH

Acronis Cyber Protect 15 < build 35979 - Sensitive Information Disclosure via Spell-Jacking

CVE-2023-1936 LOW

GitLab CE/EE <15.11.10/<16.0.6/<16.1.1 - Info Disclosure

CVE-2023-35151 HIGH

XWiki 7.3-milestone-1-14.4.8 - Unauthenticated Exposure of Obfuscated Passwords via REST Endpoint

Previous Page 6 of 8 Next

Details

Vulnerabilities 184

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy