CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,173 vulnerabilities with CWE-200
CVE-2017-15210 MEDIUM
Kanboard < 1.0.47 - Authenticated Exposure of Sensitive Information via Thumbnail Access
CVSS 4.3
CVE-2017-15205 MEDIUM
Kanboard - Authenticated Unauthorized Attachment Download
CVSS 4.3
CVE-2017-15198 MEDIUM
Kanboard - Authenticated Private Project Category Modification
CVSS 4.3
CVE-2017-1538 MEDIUM
IBM Financial Transaction Manager 3.0.2 - Authenticated Exposure of Sensitive Information via Undocumented URL
CVSS 6.5
CVE-2017-11051 HIGH
Android - Information Disclosure in __wlan_hdd_cfg80211_testmode
CVSS 7.5
CVE-2017-14943 HIGH
Trapeze TransitMaster - Unauthenticated Exposure of Sensitive Information via ManageSubscriber.aspx/GetSubscriber
CVSS 7.5
CVE-2017-14603 HIGH
Asterisk <11.25.3-14.6.2 - Info Disclosure
CVSS 7.5
CVE-2017-14971 MEDIUM
InFocus Mondopad 2.2.08 - Hashed Credential Disclosure via Crafted Microsoft Office Document
CVSS 5.5
CVE-2017-14085 MEDIUM
Trend Micro OfficeScan <11.0 - Info Disclosure
CVSS 5.3
CVE-2017-9628 MEDIUM
Saia Burgess Controls PCD <1.28.16-1.24.69 - Info Disclosure
CVSS 5.3
CVE-2017-1000114 LOW
Datadog Plugin < 0.5.6 and 0.6.0-0.6.1 - API Key Exposure via Plaintext Transmission in Configuration Form
CVSS 3.1
CVE-2017-1000113 MEDIUM
Deploy to Container Plugin - Info Disclosure
CVSS 5.5
CVE-2017-1000108 HIGH
Pipeline: Input Step Plugin - Info Disclosure
CVSS 7.5
CVE-2017-1000100 MEDIUM
libcurl - Exposure of Sensitive Information via TFTP URL Redirect
CVSS 6.5
CVE-2017-1000099 MEDIUM
libcurl - Exposure of Sensitive Information via File URL Meta-Data Feature
CVSS 6.5
CVE-2017-1000094 MEDIUM
Docker Commons Plugin - Info Disclosure
CVSS 6.5
CVE-2017-1000087 MEDIUM
GitHub Branch Source - Info Disclosure
CVSS 4.3
CVE-2017-14991 MEDIUM
Linux Kernel < 4.13.4 - Information Disclosure via SG_GET_REQUEST_TABLE ioctl
CVSS 5.5
CVE-2017-1126 MEDIUM
IBM WebSphere Message Broker - Info Disclosure
CVSS 5.3
CVE-2017-11122 HIGH
Broadcom BCM4355C0 Firmware < 9.44.78.27.0.1.56 - Information Leak via ICMPv6 Router Advertisement Offloading
CVSS 7.5
CVE-2017-0825 HIGH
Android - Information Disclosure in Broadcom WiFi Driver
CVSS 7.5
CVE-2017-0823 HIGH
Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 - Information Disclosure in rild
CVSS 7.5
CVE-2017-0817 HIGH
Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0 - Information Disclosure in Media Framework
CVSS 7.5
CVE-2017-0816 MEDIUM
Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0 - Information Disclosure in Media Framework
CVSS 5.5
CVE-2017-0815 MEDIUM
Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0 - Information Disclosure in Media Framework
CVSS 5.5
Details
Vulnerabilities 10,173
Exploit Likelihood High