CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,172 vulnerabilities with CWE-200
CVE-2017-13164 HIGH
Android Kernel - Information Disclosure in Binder Driver
CVSS 7.5
CVE-2017-13159 HIGH
Android 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Information Disclosure in Activity Manager Service
CVSS 7.5
CVE-2017-13158 HIGH
Android 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Information Disclosure in ActivityManagerService
CVSS 7.5
CVE-2017-13157 HIGH
Android 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Information Disclosure in ActivityManagerService
CVSS 7.5
CVE-2017-13152 HIGH
Android 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Information Disclosure in Media Framework
CVSS 7.5
CVE-2017-13150 CRITICAL
Android 7.0 7.1.1 7.1.2 8.0 - Information Disclosure in Media Framework
CVSS 9.1
CVE-2017-13149 CRITICAL
Android 7.0 7.1.1 7.1.2 8.0 - Information Disclosure in Media Framework
CVSS 9.1
CVE-2017-0879 CRITICAL
Android 7.0 7.1.1 7.1.2 8.0 - Information Disclosure in Media Framework
CVSS 9.1
CVE-2017-11031 HIGH
Android for MSM - Use-After-Free via VIDIOC_G_SDE_ROTATOR_FENCE ioctl
CVSS 7.5
CVE-2017-12080 MEDIUM
Synology Photo Station <6.8.1-3458, <6.3-2970 - Info Disclosure
CVSS 5.3
CVE-2017-12079 HIGH
Synology Photo Station <6.8.1-3458, <6.3-2970 - Info Disclosure
CVSS 7.5
CVE-2017-17104 HIGH
Fiyo CMS 2.0.7 - Arbitrary File Read via check_file.php
CVSS 7.5
CVE-2017-13664 CRITICAL
iSmartAlarm CubeOne Firmware < 2.2.4.8 - Exposure of Sensitive Information via Password File
CVSS 9.8
CVE-2017-3764 MEDIUM
Lenovo XClarity Administrator <1.4.0 - Info Disclosure
CVSS 5.3
CVE-2017-12365 MEDIUM
Cisco WebEx Event Center - Info Disclosure
CVSS 4.3
CVE-2017-12361 MEDIUM
Cisco Jabber for Windows - Info Disclosure
CVSS 4.0
CVE-2017-12354 MEDIUM
Cisco Secure Access Control System - Info Disclosure
CVSS 5.3
CVE-2017-17046 MEDIUM
Xen < 4.9.1 - Information Exposure via ARM DRAM Handling
CVSS 6.5
CVE-2017-1570 MEDIUM
IBM Rational Quality Manager - Authenticated Exposure of Sensitive Information via Stack Trace
CVSS 4.3
CVE-2017-1484 MEDIUM
IBM WebSphere Commerce 7.0 and 8.0 - Authenticated Exposure of Sensitive Information
CVSS 4.3
CVE-2017-1251 MEDIUM
IBM Rational Quality Manager - Exposure of Sensitive Information via Administrative Deployment Parameters
CVSS 4.3
CVE-2017-1240 MEDIUM
IBM Rational Quality Manager - Exposure of Sensitive Information via HTTP 500 Error Response
CVSS 4.3
CVE-2017-16994 MEDIUM
Linux Kernel <4.14.2 - Info Disclosure
CVSS 5.5
CVE-2017-13701 CRITICAL
MOXA EDS-G512E 5.1 build 16072215 - Exposure of Sensitive Information via Insecure Backup File
CVSS 9.8
CVE-2017-8183 MEDIUM
Huawei MTK Platform Smart Phone Firmware < Nice-AL00C00B160, < Nice-AL10C00B140 - Sensitive Information Exposure
CVSS 5.5
Details
Vulnerabilities 10,172
Exploit Likelihood High