CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,172 vulnerabilities with CWE-200
CVE-2017-16078 HIGH
shadowsock - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16077 HIGH
mongose - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16076 HIGH
proxy.js - Exposure of Sensitive Information via Environment Variable Hijacking
CVSS 7.5
CVE-2017-16075 HIGH
http-proxy.js - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16074 HIGH
crossenv - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16073 HIGH
noderequest - Exposure of Sensitive Information via Environment Variable Hijacking
CVSS 7.5
CVE-2017-16072 HIGH
nodemailer.js - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16071 HIGH
nodemailer-js - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16070 HIGH
nodecaffe - Exposure of Sensitive Information via Environment Variable Hijacking
CVSS 7.5
CVE-2017-16069 HIGH
nodeffmpeg - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16068 HIGH
ffmepg - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16067 HIGH
node-opencv - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16066 HIGH
opencv.js - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16065 HIGH
openssl.js - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16064 HIGH
node-openssl - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16063 HIGH
node-opensl - Exposure of Sensitive Information via Environment Variable Hijacking
CVSS 7.5
CVE-2017-16060 HIGH
babelcli - Exposure of Sensitive Information via Environment Variable Hijacking
CVSS 7.5
CVE-2017-16059 HIGH
mssql-node - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16058 HIGH
gruntcli - Exposure of Sensitive Information via Environment Variable Hijacking
CVSS 7.5
CVE-2017-16057 HIGH
nodemssql - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16056 HIGH
mssql.js - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-1476 MEDIUM
IBM Security Access Manager < 9.0.3.1 - Information Disclosure
CVSS 5.9
CVE-2017-1474 MEDIUM
IBM Security Access Manager 7.0.0-7.0.0.32, 8.0.0-8.0.1.6, 9.0.0-9.0.3.1 - Exposure of Sensitive Information
CVSS 5.3
CVE-2017-12092 LOW
Allen Bradley Micrologix 1400 <21.2 - File Write
CVSS 3.7
CVE-2017-16055 HIGH
sqlserver - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
Details
Vulnerabilities 10,172
Exploit Likelihood High