CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,173 vulnerabilities with CWE-200
CVE-2017-1333 MEDIUM
IBM OpenPages GRC Platform <7.4 - Info Disclosure
CVSS 5.3
CVE-2017-1148 MEDIUM
IBM OpenPages GRC Platform <7.2,7.3 - Info Disclosure
CVSS 5.3
CVE-2017-16353 MEDIUM
GraphicsMagick 1.3.26 - Info Disclosure
CVSS 6.5
CVE-2017-12625 MEDIUM
Apache Hive <2.1.2, <2.2.1, <2.3.1 - Sensitive Information Exposure via Masking Bypass
CVSS 4.3
CVE-2017-1000242 LOW
Jenkins Git Client Plugin <2.4.2 - Info Disclosure
CVSS 3.3
CVE-2017-16248 HIGH
Catalyst-Plugin-Static-Simple <0.34 - Info Disclosure
CVSS 7.5
CVE-2017-1000383 MEDIUM
GNU Emacs <25.3.1 - Info Disclosure
CVSS 5.5
CVE-2017-1000382 MEDIUM
VIM < 8.0.1187 - Unintended File Permission Exposure via Swap File Creation
CVSS 5.5
CVE-2017-10944 MEDIUM
Foxit Reader 8.3.0.14878 - Out-of-bounds Read in ObjStm Object Parsing
CVSS 6.5
CVE-2017-10943 MEDIUM
Foxit Reader 8.3.0.14878 - Out-of-bounds Read in PDF Parser
CVSS 6.5
CVE-2017-10942 MEDIUM
Foxit Reader 8.3.0.14878 - Out-of-bounds Read in PDF Parser
CVSS 6.5
CVE-2017-3935 HIGH
Network Data Loss Prevention - MIME Sniffing
CVSS 7.5
CVE-2017-3934 MEDIUM
McAfee NDLP <9.3.x - Info Disclosure
CVSS 5.9
CVE-2017-15597 CRITICAL
Xen < 4.9.0 - Denial of Service via Grant Copying Memory Corruption
CVSS 9.1
CVE-2017-15937 MEDIUM
Artica Pandora FMS 7.0 - Unauthenticated Sensitive Information Exposure via Graph Request
CVSS 6.5
CVE-2017-5117 MEDIUM
Google Chrome <61.0.3163.79 - Info Disclosure
CVSS 6.5
CVE-2017-5096 MEDIUM
Google Chrome < 60.0.3112.78 for Android - Sensitive Information Exposure via Cross Origin Content Download
CVSS 4.3
CVE-2017-5082 MEDIUM
Google Chrome <59.0.3071.92 - Info Disclosure
CVSS 5.5
CVE-2017-5075 MEDIUM
Google Chrome <59.0.3071.86-59.0.3071.92 - Info Disclosure
CVSS 4.3
CVE-2017-1230 MEDIUM
IBM BigFix Platform 9.2 and 9.5 - Exposure of Sensitive Information via Predictable Token
CVSS 5.3
CVE-2017-1228 LOW
IBM BigFix Platform 9.2 and 9.5 - Sensitive Information Exposure via Insecure Cookie Attribute
CVSS 3.7
CVE-2017-1226 MEDIUM
IBM BigFix Platform 9.2 and 9.5 - Exposure of Sensitive Information in Error Logs
CVSS 4.3
CVE-2017-1225 MEDIUM
IBM BigFix Platform 9.2 and 9.5 - Exposure of Sensitive Information via URL Parameters
CVSS 5.3
CVE-2017-1220 MEDIUM
IBM BigFix Platform 9.2 and 9.5 - Exposure of Sensitive Information
CVSS 5.3
CVE-2017-1295 MEDIUM
IBM Rational Collaborative Lifecycle Management - Exposure of Sensitive Information
CVSS 4.3
Details
Vulnerabilities 10,173
Exploit Likelihood High