CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,172 vulnerabilities with CWE-200
CVE-2017-13200
HIGH
Android 7.0-8.1 - Information Disclosure in ID3 Unsynchronization
CVSS 7.5
CVE-2017-13188
CRITICAL
Android 7.0-8.1 - Information Disclosure in Media Framework AAC
CVSS 9.1
CVE-2017-13187
CRITICAL
Android 7.0-8.1 - Information Disclosure in libhevc
CVSS 9.1
CVE-2017-13185
CRITICAL
Android 7.0, 7.1.1, 7.1.2, 8.0 - Information Disclosure in Media Framework libhevc
CVSS 9.1
CVE-2017-0846
HIGH
Android 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0 - Information Disclosure in Clipboard Service
CVSS 7.5
CVE-2017-16741
MEDIUM
PHOENIX CONTACT FL SWITCH - Info Disclosure
CVSS 5.3
CVE-2017-1681
LOW
IBM WebSphere Application Server <3.15 - Info Disclosure
CVSS 3.3
CVE-2017-1478
LOW
IBM Security Access Manager 9.0.0 - Unauthorized Exposure of Sensitive Information via Local Web Page Storage
CVSS 3.3
CVE-2017-15850
HIGH
Android - Exposure of Sensitive Information via Audio Codec Registers
CVSS 7.5
CVE-2017-14870
HIGH
Android - Unauthorized Sensitive Information Exposure via eMMC Recovery Message Update
CVSS 7.5
CVE-2017-14869
HIGH
Android - Uninitialized Data Exposure via FOTA Partition Update
CVSS 7.5
CVE-2017-11079
CRITICAL
Android - Exposure of Sensitive Information via Uninitialized Heap Memory in Sparse Image Processing
CVSS 9.8
CVE-2017-11066
HIGH
Android - Exposure of Sensitive Information via Uninitialized Memory Access During UBI Image Flashing
CVSS 7.5
CVE-2017-12169
HIGH
FreeIPA >= 4.2.0 - Authenticated Exposure of Stage User Password Hashes
CVSS 7.5
CVE-2017-9796
MEDIUM
Apache Geode <1.3.0 - Info Disclosure
CVSS 5.3
CVE-2017-9795
HIGH
Apache Geode < 1.3.0 - Unauthorized Data Access and Remote Code Execution via OQL Queries
CVSS 7.5
CVE-2017-12622
HIGH
Apache Geode < 1.3.0 - Authenticated Exposure of Sensitive Information via gfsh HTTP Connection
CVSS 7.1
CVE-2017-12697
MEDIUM
GM Shanghai OnStar iOS Client 7.1 - Man-in-the-Middle Information Disclosure
CVSS 5.9
CVE-2017-4948
HIGH
VMware Workstation <14.1.0 and 12.x - Info Disclosure
CVSS 7.1
CVE-2017-1669
LOW
IBM Tivoli Key Lifecycle Manager <2.8 - Info Disclosure
CVSS 3.7
CVE-2017-5754
MEDIUM
Intel Atom C/E/X3 - Unauthorized Information Disclosure via Speculative Execution Side-Channel
CVSS 5.6
CVE-2017-1000413
MEDIUM
Linaro's OP-TEE <2.4.0 - Info Disclosure
CVSS 5.9
CVE-2017-1000412
HIGH
Linaro's OP-TEE <2.4.0 - Info Disclosure
CVSS 7.5
CVE-2017-17926
MEDIUM
PHP Scripts Mall Professional Service Script - Predictable Registration URL Leading to Unauthorized Account Creation
CVSS 5.3
CVE-2017-17898
HIGH
Dolibarr ERP/CRM 6.0.4 - Exposure of Sensitive Information via Direct TPL.PHP File Access
CVSS 7.5
Details
Vulnerabilities
10,172
Exploit Likelihood
High