CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,172 vulnerabilities with CWE-200
CVE-2017-13839 MEDIUM
macOS < 10.13 - Unauthorized User Data Exposure via Spotlight
CVSS 5.5
CVE-2017-17769 MEDIUM
Android - Information Exposure in Audio Driver
CVSS 5.5
CVE-2017-15852 HIGH
Android - Exposure of Sensitive Information via Camera Driver
CVSS 7.8
CVE-2017-14891 MEDIUM
Android <2017-10-12 - Info Disclosure
CVSS 5.3
CVE-2017-14875 HIGH
Android for MSM <2017-05-23 - Heap Overread
CVSS 7.5
CVE-2017-11087 HIGH
Android libOmxVenc - Information Disclosure via Output Buffer Copy
CVSS 7.5
CVE-2017-1765 LOW
IBM Business Process Manager 8.6 - Authenticated Sensitive Information Exposure
CVSS 3.1
CVE-2017-1756 MEDIUM
IBM Business Process Manager 8.6 - Unauthorized Exposure of Sensitive Information via Local Web Page Storage
CVSS 4.0
CVE-2017-1705 MEDIUM
IBM Security Privileged Identity Manager 2.1.0 - Exposure of Sensitive Information via Page Comments
CVSS 4.3
CVE-2017-9681 MEDIUM
Android <2017-08-05 - Info Disclosure
CVSS 6.5
CVE-2017-11510 CRITICAL
Wanscam HW0021 Firmware - Unauthenticated Administrator Credential Exposure via ONVIF GetSnapshotUri Request
CVSS 9.8
CVE-2017-7630 MEDIUM
QNAP QTS <4.2.6-4.3.3 - Info Disclosure
CVSS 5.3
CVE-2017-12310 HIGH
Cisco Spark Hybrid Calendar Service - Info Disclosure
CVSS 7.5
CVE-2017-1524 MEDIUM
IBM Rational Collaborative Lifecycle Management 5.0-6.0 - Authenticated Sensitive Information Exposure via HTTP Request
CVSS 4.3
CVE-2017-17319 MEDIUM
Huawei P9 <EVA-AL10C00B399SP02 - Info Disclosure
CVSS 5.5
CVE-2017-15833 HIGH
Android - Information Exposure via Untrusted Pointer Dereference in update_userspace_power()
CVSS 7.8
CVE-2017-15814 MEDIUM
Android - Out-of-bounds Read in msm_flash_subdev_do_ioctl
CVSS 4.4
CVE-2017-14882 HIGH
Android - Out-of-Bounds Memory Access in Vendor-Specific Action Frame Processing
CVSS 7.5
CVE-2017-1741 MEDIUM
IBM WebSphere Application Server 7.0-9.0 Sensitive Information Exposure
CVSS 4.3
CVE-2017-16250 MEDIUM
Mitel ST 14.2 <= GA28 - Exposure of Sensitive Information via User ID Enumeration
CVSS 5.3
CVE-2017-2585 MEDIUM
Red Hat Keycloak < 2.5.1 - Timing Attack via Non-Constant Time HMAC Verification
CVSS 5.9
CVE-2017-17322 MEDIUM
Huawei Honor Smart Scale App <1.1.1 - Info Disclosure
CVSS 4.3
CVE-2017-17303 MEDIUM
Huawei DP300 <V500R002C00-SPC900 - Buffer Overflow
CVSS 4.9
CVE-2017-17280 LOW
Huawei LON-AL00BC00 - Info Disclosure
CVSS 3.5
CVE-2017-1625 MEDIUM
IBM Pulse for QRadar <1.0.4 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 10,172
Exploit Likelihood High