CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,173 vulnerabilities with CWE-200
CVE-2017-11833 LOW
Microsoft Edge - Information Disclosure via Cross-Origin Request Handling
CVSS 3.1
CVE-2017-11832 MEDIUM
Microsoft Windows < - Info Disclosure
CVSS 4.7
CVE-2017-11831 MEDIUM
Windows kernel - Information Disclosure via Memory Initialization
CVSS 4.7
CVE-2017-11803 MEDIUM
Microsoft Edge < Windows 10 1703/1709 & Server 1709 - Info Disclosure
CVSS 4.3
CVE-2017-11791 LOW
Microsoft <various> - Info Disclosure
CVSS 3.1
CVE-2017-11768 LOW
Windows Media Player - Info Disclosure
CVSS 2.5
CVE-2017-10267 HIGH
Oracle Tuxedo 11.1.1 12.1.1 12.1.3 12.2.2 - Unauthenticated Exposure of Sensitive Information via Jolt
CVSS 7.5
CVE-2017-10266 MEDIUM
Oracle Tuxedo 11.1.1 12.1.1 12.1.3 12.2.2 - Unauthenticated Sensitive Information Exposure via Jolt
CVSS 5.3
CVE-2017-9369 LOW
BlackBerry QNX SDP <=6.6.0/6.5.0SP1 Info Disclosure via Loader Env Var
CVSS 3.8
CVE-2017-3892 LOW
BlackBerry QNX Software Development Platform 6.6.0 - Information Disclosure via procfs
CVSS 3.8
CVE-2017-6275 HIGH
Nvidia Pixel - Information Disclosure via Thermal Driver Missing Bounds Check
CVSS 7.5
CVE-2017-1229 MEDIUM
IBM BigFix Platform 9.2-9.5 - Exposure of Sensitive Information via Missing HSTS
CVSS 5.9
CVE-2017-16804 MEDIUM
Redmine <3.2.7 & <3.3.4 - Info Disclosure
CVSS 4.3
CVE-2017-7113 MEDIUM
iPhone OS < 11.1 - Information Exposure via UIKit Secure Text Field Focus Bypass
CVSS 5.5
CVE-2017-13852 LOW
Apple <11.1, <10.13.1, <4.1, <11.1 - Info Disclosure
CVSS 3.3
CVE-2017-13844 LOW
iPhone OS < 11.1 - Unauthorized Photo Exposure via Lock-Screen Reply With Message
CVSS 2.4
CVE-2017-13842 MEDIUM
macOS < 10.13.1 - Unauthorized Memory Read via Kernel Component
CVSS 5.5
CVE-2017-13841 MEDIUM
macOS < 10.13.1 - Kernel Memory Read Restriction Bypass via Crafted App
CVSS 5.5
CVE-2017-13840 MEDIUM
macOS < 10.13.1 - Kernel Memory Read Restriction Bypass
CVSS 5.5
CVE-2017-13836 MEDIUM
Apple <10.13.1 - Privilege Escalation
CVSS 5.5
CVE-2017-13831 HIGH
macOS < 10.13.1 - Information Disclosure and Denial of Service in ImageIO
CVSS 7.1
CVE-2017-13823 MEDIUM
macOS < 10.13.1 - Unauthorized Memory Read via QuickTime
CVSS 5.5
CVE-2017-13822 MEDIUM
macOS < 10.13.1 - Unauthorized Memory Read via Quick Look
CVSS 5.5
CVE-2017-13821 MEDIUM
macOS < 10.13.1 - Unauthorized Memory Read via CFString Component
CVSS 5.5
CVE-2017-13818 MEDIUM
macOS < 10.13.1 - Kernel Memory Read Restriction Bypass via Crafted App
CVSS 5.5
Details
Vulnerabilities 10,173
Exploit Likelihood High