CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2017-16054
HIGH
nodefabric - Exposure of Sensitive Information via Environment Variable Hijacking
CVSS 7.5
CVE-2017-16053
HIGH
fabric-js - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16052
HIGH
node-fabric - Exposure of Sensitive Information via Environment Variable Hijacking
CVSS 7.5
CVE-2017-16051
HIGH
sqliter - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16050
HIGH
sqlite.js - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16049
HIGH
nodesqlite - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16048
HIGH
node-sqlite - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16045
HIGH
jquery.js - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16044
HIGH
D3.js - Information Disclosure
CVSS 7.5
CVE-2017-16024
MEDIUM
sync-exec < 0.6.2 - Insecure Temporary File
CVSS 6.5
CVE-2017-16007
MEDIUM
node-jose < 0.9.3 - Exposure of Sensitive Information via Invalid Curve Attack
CVSS 5.9
CVE-2017-16062
HIGH
node-tkinter - Exposure of Sensitive Information via Environment Variable Hijacking
CVSS 7.5
CVE-2017-16061
HIGH
tkinter - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-16047
HIGH
mysqljs - Exposure of Sensitive Information via Malicious Environment Variable Hijacking
CVSS 7.5
CVE-2017-1768
MEDIUM
IBM Security Guardium Big Data Intelligence 3.1 - Exposure of Sensitive Information via Error Message
CVSS 4.3
CVE-2017-14185
MEDIUM
FortiOS 5.2.0-5.2.12, 5.4.0-5.4.8, 5.6.0-5.6.2 - Information Disclosure via SSL-VPN Web Portal
CVSS 5.3
CVE-2017-1752
MEDIUM
IBM UrbanCode Deploy 6.1-6.1.3.7 - Authenticated Exposure of Sensitive Information
CVSS 4.9
CVE-2017-2609
MEDIUM
Jenkins < 2.44 and < 2.32.2 - Unauthorized Information Disclosure via Search Suggestions
CVSS 4.3
CVE-2017-2603
LOW
Jenkins < 2.44 and 2.32.2 - User Data Leak in Disconnected Agents' config.xml API
CVSS 2.6
CVE-2017-2600
MEDIUM
Jenkins < 2.44 and < 2.32.2 - Unauthenticated Information Disclosure via Node Monitor Remote API
CVSS 4.3
CVE-2017-12128
HIGH
Moxa EDR-810 <V4.1 - Info Disclosure
CVSS 7.5
CVE-2017-2606
MEDIUM
Jenkins < 2.44 and < 2.32.2 - Unauthenticated Exposure of Sensitive Item Names via Internal API
CVSS 4.3
CVE-2017-1743
MEDIUM
IBM WebSphere Application Server 7.0-9.0 Sensitive Information Exposure
CVSS 4.3
CVE-2017-1116
MEDIUM
IBM Campaign <10.0 - Info Disclosure
CVSS 4.3
CVE-2017-9284
MEDIUM
NetIQ Identity Manager 4.6-4.6.2.1 - Exposure of Sensitive Information
CVSS 4.8
Details
Vulnerabilities
10,172
Exploit Likelihood
High