CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2017-18687
MEDIUM
Android KK(4.4) L(5.0/5.1) M(6.0) N(7.0) - Unauthorized Sensitive Information Exposure via System Log
CVSS 5.3
CVE-2017-18686
MEDIUM
Samsung M(6.0)-N(7.0) - Info Disclosure
CVSS 5.3
CVE-2017-18694
MEDIUM
Samsung Android Exynos5 - Kernel Address Exposure via Log Format Specifier
CVSS 5.3
CVE-2017-18642
MEDIUM
Syska Smart Bulb <2017-08-06 - Info Disclosure
CVSS 6.5
CVE-2017-3211
MEDIUM
Yopify < 2017-04-06 - Unauthenticated Exposure of Sensitive Customer Data
CVSS 5.3
CVE-2017-8087
LOW
AVM Fritz!OS 6.80 and 6.83 - Information Leakage via PPPoE Packet Padding
CVSS 2.4
CVE-2017-18550
MEDIUM
Linux kernel <4.13 - Info Disclosure
CVSS 5.5
CVE-2017-18549
MEDIUM
Linux kernel <4.13 - Info Disclosure
CVSS 5.5
CVE-2017-18478
MEDIUM
cPanel 11.54.0.0-11.54.0.35 - Exposure of Sensitive Information via Rearrange Account XML-API
CVSS 6.5
CVE-2017-18474
MEDIUM
cPanel 11.54.0.0-11.54.0.35 - Unauthenticated Arbitrary File Read via Exim Valiases
CVSS 6.5
CVE-2017-18436
LOW
cPanel 55.9999.61-56.0.49 - Unauthenticated Sensitive File Read via Fileman::getfileactions API2 Call
CVSS 3.5
CVE-2017-18432
HIGH
cPanel 55.9999.61-56.0.49 - Database Password Exposure via Horde MySQL to SQLite Conversion
CVSS 7.8
CVE-2017-18428
LOW
cPanel 55.9999.61-56.0.51 - Unauthorized Sensitive Information Exposure via Apache HTTP Server Domlogs
CVSS 2.5
CVE-2017-18424
LOW
cPanel 60.0.3-60.0.45 - Unauthorized Exposure of Sensitive Information via Apache Configuration File
CVSS 3.3
CVE-2017-18396
MEDIUM
cPanel 61.9999.55-61.9999.9999 - Unauthenticated Arbitrary File Read via Exim vdomainaliases
CVSS 5.5
CVE-2017-18391
LOW
cPanel < 62.0.35 - Exposure of Sensitive Backup Files
CVSS 2.5
CVE-2017-11578
MEDIUM
Blipcare Wi-Fi Blood Pressure Monitor < bp700_10.1 - Sensitive Information Exposure via Plaintext HTTP
CVSS 5.9
CVE-2017-1107
MEDIUM
IBM Marketing Platform <10.1 - Info Disclosure
CVSS 4.3
CVE-2017-8337
HIGH
Securifi Almond AL-R096 - Unauthenticated Password Brute Force via Missing Origin Header Check
CVSS 8.8
CVE-2017-10719
MEDIUM
Shekar Endoscope Camera Firmware - Unauthenticated Exposure of Sensitive Information via Default Wi-Fi Credentials
CVSS 6.5
CVE-2017-11557
MEDIUM
ZOHO ManageEngine Apps Mgr <12.3 - Info Disclosure
CVSS 5.3
CVE-2017-5210
CRITICAL
Open-Xchange GmbH OX App Suite <7.8.3 - Info Disclosure
CVSS 9.8
CVE-2017-15652
MEDIUM
Artifex Ghostscript 9.22 - Exposure of Sensitive Information
CVSS 5.5
CVE-2017-9809
MEDIUM
OX App Suite <7.8.4 - Info Disclosure
CVSS 5.3
CVE-2017-6514
MEDIUM
WordPress 4.7.2 - Path Disclosure via OEmbed Endpoint
CVSS 5.3
Details
Vulnerabilities
10,172
Exploit Likelihood
High