CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,173 vulnerabilities with CWE-200
CVE-2017-0849 MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Information Disclosure in Media Framework
CVSS 5.3
CVE-2017-0848 MEDIUM
Android 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Information Disclosure in Media Framework
CVSS 5.3
CVE-2017-0840 HIGH
Android 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Information Disclosure in Media Framework
CVSS 7.5
CVE-2017-0839 HIGH
Android 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 8.0 - Information Disclosure in Media Framework
CVSS 7.5
CVE-2017-9701 HIGH
Android for MSM - Exposure of Sensitive Information via Fastboot OEM Unlock Command
CVSS 7.5
CVE-2017-11028 HIGH
Android for MSM - Exposure of Sensitive Information via ISP Camera Driver
CVSS 7.5
CVE-2017-11022 MEDIUM
Android for MSM - Exposure of Sensitive Information via WiFi Probe Requests
CVSS 5.3
CVE-2017-16715 HIGH
Moxa NPort 5110, 5130, and 5150 - Information Exposure via Ethernet Frame Padding
CVSS 8.6
CVE-2017-1088 LOW
FreeBSD Kernel Stack Information Disclosure via kld_file_stat
CVSS 3.3
CVE-2017-1086 LOW
FreeBSD Kernel Stack Information Disclosure via ptrace PT_LWPINFO
CVSS 3.3
CVE-2017-5738 CRITICAL
Intel Unite App 3.1.32.12 3.1.41.18 3.1.45.26 - Escalation of Privilege and Denial of Service
CVSS 9.1
CVE-2017-12315 MEDIUM
Cisco HyperFlex System - Info Disclosure
CVSS 6.0
CVE-2017-8810 HIGH
MediaWiki < 1.27.4, 1.28.x < 1.28.3, 1.29.x < 1.29.2 - Username Enumeration via Login Error Messages
CVSS 7.5
CVE-2017-12737 MEDIUM
Siemens SICAM RTUs SM-2556 COM Modules - Unauthenticated Exposure of Sensitive Information via Web Server
CVSS 5.3
CVE-2017-11880 MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Initialization
CVSS 4.7
CVE-2017-11853 MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Initialization
CVSS 5.5
CVE-2017-11852 MEDIUM
Microsoft GDI Component - Info Disclosure
CVSS 4.7
CVE-2017-11851 MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Handling
CVSS 4.7
CVE-2017-11850 LOW
Microsoft Graphics Component - Information Disclosure via Improper Memory Handling
CVSS 2.5
CVE-2017-11849 MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Initialization
CVSS 4.7
CVE-2017-11848 MEDIUM
Microsoft Internet Explorer - Info Disclosure
CVSS 4.3
CVE-2017-11844 MEDIUM
Microsoft Edge - Information Disclosure via Memory Object Handling
CVSS 4.3
CVE-2017-11842 MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Initialization
CVSS 4.7
CVE-2017-11835 MEDIUM
Microsoft graphics - Info Disclosure
CVSS 5.5
CVE-2017-11834 MEDIUM
Internet Explorer - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 10,173
Exploit Likelihood High