CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2017-12884
HIGH
Open-xchange Appsuite < 7.8.4 - Information Disclosure
CVSS 7.5
CVE-2017-7510
HIGH
ovirt-engine 4.1 - Insufficiently Protected Credentials via REST Interface
CVSS 8.8
CVE-2017-1177
MEDIUM
IBM BigFix Compliance <1.9.91 - Info Disclosure
CVSS 5.3
CVE-2017-18332
MEDIUM
Qualcomm Snapdragon Firmware - Unauthorized Exposure of Security Keys via WCDMA Call Configuration
CVSS 5.5
CVE-2017-18326
MEDIUM
Qualcomm Snapdragon Mobile and Wear Firmware - Exposure of Sensitive Cryptographic Keys in Modem Debug Messages
CVSS 5.5
CVE-2017-18324
MEDIUM
Qualcomm Snapdragon Mobile and Wear Firmware - Cryptographic Key Material Exposure via GERAN Debug Messages
CVSS 5.5
CVE-2017-18322
MEDIUM
Qualcomm Snapdragon Mobile and Wear Firmware - Cryptographic Key Material Exposure via WCDMA Debug Messages
CVSS 5.5
CVE-2017-18321
MEDIUM
Qualcomm MDM9650, MDM9655, SD 835, SDA660 Firmware - Exposure of Sensitive Session Keys
CVSS 5.5
CVE-2017-15031
HIGH
ARM Trusted Firmware <= 1.4 - Secure World Timing Information Leak via PMCR_EL0 Register
CVSS 7.5
CVE-2017-1272
LOW
IBM Security Guardium 10.0-10.5 - Exposure of Sensitive Information via URL Parameters
CVSS 3.7
CVE-2017-18355
HIGH
Rendertron 1.0.0 - Exposure of Sensitive Information via node_modules Package Paths
CVSS 7.5
CVE-2017-1119
MEDIUM
IBM Marketing Operations <10.1 - Info Disclosure
CVSS 4.3
CVE-2017-18300
MEDIUM
Qualcomm Mdm9206 Firmware - Information Disclosure
CVSS 5.5
CVE-2017-5658
MEDIUM
Apache Pony Mail 0.7-0.9 - Unauthenticated Exposure of Sensitive Information via Statistics Generator
CVSS 5.3
CVE-2017-14443
MEDIUM
Insteon Hub <1012 - Info Disclosure
CVSS 6.5
CVE-2017-16639
MEDIUM
Tor Browser < 8.0 - Deanonymization via SMB Traffic Leak
CVSS 4.3
CVE-2017-1679
MEDIUM
IBM OpenPages GRC <8.0 - Info Disclosure
CVSS 5.5
CVE-2017-15139
HIGH
OpenStack Cinder <= Queens - Exposure of Sensitive Information via ScaleIO Thin Volume Zero Padding
CVSS 7.5
CVE-2017-18345
CRITICAL
joomanager < 2.0.0 - Unauthenticated Arbitrary File Download via configuration.php Path Parameter
CVSS 9.8
CVE-2017-1732
MEDIUM
IBM Security Access Manager 8.2.2 - Sensitive Information Exposure via Insecure Cookie Transmission
CVSS 4.3
CVE-2017-15138
MEDIUM
OpenShift Container Platform - Unauthorized Exposure of Webhook Tokens
CVSS 5.0
CVE-2017-1286
MEDIUM
IBM UrbanCode Deploy 6.1-6.9.6.0 - Exposure of Sensitive Configuration Information
CVSS 6.5
CVE-2017-2654
LOW
Jenkins Email Extension < 2.57.1 - Information Exposure via Dynamic Recipient List
CVSS 3.7
CVE-2017-9000
CRITICAL
ArubaOS Unauthenticated Arbitrary File Access
CVSS 9.8
CVE-2017-1412
MEDIUM
IBM Security Identity Governance Virtual Appliance 5.2-5.2.3.2 - Information Disclosure via Error Message
CVSS 4.3
Details
Vulnerabilities
10,172
Exploit Likelihood
High