CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,173 vulnerabilities with CWE-200
CVE-2017-1241
MEDIUM
IBM Rational Collaborative Lifecycle Management - Exposure of Sensitive Information via Stack Trace Display
CVSS 4.3
CVE-2017-1583
HIGH
IBM Liberty for Java for Bluemix >=3.13 - Exposure of Sensitive Information via MyFaces Error Handling
CVSS 7.5
CVE-2017-1211
LOW
IBM Daeja ViewONE 4.1.5.1 and 5.0.2 - Exposure of Sensitive Information via Logging
CVSS 2.5
CVE-2017-14327
MEDIUM
Extreme EXOS <22.x - Info Disclosure
CVSS 4.4
CVE-2017-7148
LOW
iPhone OS - Unauthorized Location Information Exposure via Location Framework
CVSS 3.3
CVE-2017-7142
MEDIUM
Safari < 10.1.2 - Unauthorized Sensitive Information Exposure via WebKit Storage
CVSS 5.3
CVE-2017-7141
MEDIUM
macOS < 10.12.6 - IP Address Exposure via Mail HTML Email Processing
CVSS 5.3
CVE-2017-7140
MEDIUM
iPhone OS < 10.3.3 - Sensitive Information Exposure via Keyboard Suggestions
CVSS 5.3
CVE-2017-7139
LOW
iPhone OS < 10.3.3 - Sensitive Information Exposure via Phone Component Timing Bug
CVSS 2.4
CVE-2017-7138
LOW
macOS < 10.12.6 - Unauthorized Apple ID Exposure via Directory Utility
CVSS 3.3
CVE-2017-7131
MEDIUM
iPhone OS < 10.3.3 - Unauthorized Contact Card Information Exposure via Bluetooth
CVSS 5.5
CVE-2017-7116
HIGH
iPhone OS < 10.3.3, tvOS < 10.2.2, watchOS < 3.2.3 - Kernel Memory Exposure via Wi-Fi Traffic
CVSS 7.5
CVE-2017-7090
HIGH
Safari < 10.1.2 - Exposure of Sensitive Information via WebKit Same Origin Policy Bypass
CVSS 7.5
CVE-2017-7082
LOW
macOS < 10.12.6 - Unauthorized Application Firewall Prompt Exposure via Screen Lock
CVSS 2.4
CVE-2017-13127
HIGH
VIP.com Mobile App - Unauthenticated Sensitive Information Exposure via Rogue Access Point
CVSS 8.1
CVE-2017-2131
MEDIUM
Panasonic KX-HJB1000 Firmware GHX1YG 14.50 and HJB1000_4.47 - Unauthenticated Exposure of Sensitive Configuration Data
CVSS 5.3
CVE-2017-10422
MEDIUM
Oracle PeopleSoft Enterprise PeopleTools 8.54 - Sensitive Information Exposure via Updates Change Assistant
CVSS 5.9
CVE-2017-10421
MEDIUM
Oracle Hospitality Suite8 8.10.1-8.10.2 - Authenticated Exposure of Sensitive Information via Leisure Subcomponent
CVSS 6.5
CVE-2017-10383
MEDIUM
Oracle Hospitality Guest Access 4.2.0 and 4.2.1 - Unauthenticated Exposure of Sensitive Information via HTTP
CVSS 5.3
CVE-2017-10373
HIGH
Oracle PeopleSoft Enterprise PT PeopleTools 8.55-8.56 - Sensitive Information Exposure via Health Center
CVSS 7.5
CVE-2017-10351
MEDIUM
PeopleSoft Enterprise PT PeopleTools 8.54-8.56 - Unauthenticated Exposure of Sensitive Information
CVSS 6.2
CVE-2017-10343
MEDIUM
Oracle Hospitality Simphony 2.8-2.9 - Unauthenticated Exposure of Sensitive Information via Import/Export
CVSS 6.5
CVE-2017-10339
MEDIUM
Oracle Hospitality Suite8 8.10.1 and 8.10.2 - Unauthenticated Exposure of Sensitive Information via HTTP
CVSS 5.9
CVE-2017-10337
MEDIUM
Oracle Hospitality Suite8 8.10.1-8.10.2 - Unauthorized Data Access and Partial Denial of Service via HTTP
CVSS 5.4
CVE-2017-10335
HIGH
Oracle PeopleSoft Enterprise PT PeopleTools 8.55-8.56 - Sensitive Information Exposure via Elastic Search
CVSS 7.5
Details
Vulnerabilities
10,173
Exploit Likelihood
High