CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,173 vulnerabilities with CWE-200
CVE-2017-15589
MEDIUM
Xen through 4.9.x - Unauthenticated Exposure of Sensitive Information via Intercepted I/O Operations
CVSS 6.5
CVE-2017-15583
MEDIUM
ABB Fox515T 1.0 - Local File Inclusion via Unvalidated File Parameter
CVSS 6.5
CVE-2017-15577
HIGH
Redmine < 3.2.6 and 3.3.x < 3.3.3 - Exposure of Sensitive Information via Wiki Link Rendering
CVSS 7.5
CVE-2017-15576
HIGH
Redmine < 3.2.6 and 3.3.x < 3.3.3 - Exposure of Sensitive Information via Time Entry Rendering
CVSS 7.5
CVE-2017-14009
MEDIUM
ProMinent MultiFLEX M10a - Info Disclosure
CVSS 6.5
CVE-2017-15537
MEDIUM
Linux Kernel < 4.13.5 - Unauthorized FPU Register Exposure via xstate Header
CVSS 5.5
CVE-2017-9368
HIGH
BlackBerry Workspaces Server - Info Disclosure
CVSS 7.5
CVE-2017-8693
MEDIUM
Microsoft Graphics Component - Information Disclosure via Memory Object Handling
CVSS 5.5
CVE-2017-11817
MEDIUM
Microsoft Windows Kernel - Info Disclosure
CVSS 4.7
CVE-2017-11816
MEDIUM
Microsoft Windows - Info Disclosure
CVSS 5.5
CVE-2017-11815
MEDIUM
Microsoft Windows SMB - Information Disclosure via Request Handling
CVSS 5.3
CVE-2017-11814
MEDIUM
Microsoft Windows - Info Disclosure
CVSS 5.5
CVE-2017-11801
HIGH
ChakraCore < 1.7.2 - Information Disclosure via Memory Object Handling
CVSS 7.5
CVE-2017-11797
HIGH
ChakraCore < 1.7.2 - Information Disclosure via Memory Handling
CVSS 7.5
CVE-2017-11794
MEDIUM
Microsoft Edge - Information Disclosure via Memory Object Handling
CVSS 4.3
CVE-2017-11790
MEDIUM
Microsoft Windows - Info Disclosure
CVSS 4.3
CVE-2017-11785
MEDIUM
Microsoft Windows - Info Disclosure
CVSS 5.5
CVE-2017-11784
MEDIUM
Microsoft Windows Kernel - Info Disclosure
CVSS 5.5
CVE-2017-11776
HIGH
Microsoft Outlook 2016 - Info Disclosure
CVSS 7.5
CVE-2017-11772
HIGH
Microsoft Windows - Info Disclosure
CVSS 7.5
CVE-2017-11765
MEDIUM
Microsoft Windows - Info Disclosure
CVSS 5.5
CVE-2017-12849
MEDIUM
SilverStripe CMS < 3.5.5 and 3.6.x < 3.6.1 - User Enumeration via Login Timing Attack
CVSS 5.3
CVE-2017-15277
MEDIUM
GraphicsMagick 1.3.26 - Exposure of Sensitive Information via Uninitialized GIF Palette
CVSS 6.5
CVE-2017-15236
HIGH
Tiandy IP Camera Firmware 5.56.17.120 - Unauthenticated Sensitive Information Exposure via TCP Port 3001
CVSS 7.5
CVE-2017-15212
MEDIUM
Kanboard < 1.0.47 - Authenticated Exposure of Sensitive Information via Form Data Manipulation
CVSS 4.3
Details
Vulnerabilities
10,173
Exploit Likelihood
High