CWE-359

Exposure of Private Personal Information to an Unauthorized Actor

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.

184 vulnerabilities with CWE-359
CVE-2021-3980 HIGH
Elgg < 3.3.23 - Exposure of Private Personal Information
CVSS 7.5
CVE-2021-28559 MEDIUM
Acrobat Reader DC <2021.001.20150 - Info Disclosure
CVSS 5.3
CVE-2021-21823 HIGH
komoot 10.26.9-11.1.11 - Information Disclosure via Friend Finder
CVSS 7.5
CVE-2021-22876 MEDIUM
libcurl 7.1.1-7.75.0 - Credential Leak via HTTP Referer Header
CVSS 5.3
CVE-2020-25900 MEDIUM
HelloTalk < 3.4.1 - Exposure of Private Personal Information to an Unauthorized Actor
CVSS 5.3
CVE-2020-37173 HIGH
AVideo Platform 8.1 - Info Disclosure
CVSS 7.5
CVE-2020-1688 MEDIUM
Juniper Networks SRX Series/NFX Series - Privilege Escalation
CVSS 6.5
CVE-2019-15623 MEDIUM
Nextcloud Server 16.0.1 - Info Disclosure
CVSS 5.3
CVE-2017-16769 MEDIUM
Synology Photo Station <6.8.1-3458 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 184
Links
MITRE CWE Entry Search this CWE With Exploits