CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,173 vulnerabilities with CWE-200
CVE-2017-8679 MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Object Handling
CVSS 5.5
CVE-2017-8678 MEDIUM
Windows Kernel - Information Disclosure via Improper Memory Handling
CVSS 5.5
CVE-2017-8677 MEDIUM
Windows GDI+ - Kernel Memory Address Disclosure
CVSS 5.5
CVE-2017-8676 LOW
Microsoft Live Meeting - Information Disclosure
CVSS 3.3
CVE-2017-8648 MEDIUM
Microsoft Edge in Windows 10 Version 1703 - Information Disclosure via Memory Object Handling
CVSS 4.3
CVE-2017-8643 MEDIUM
Microsoft Edge - Information Disclosure via Clipboard Event Handling
CVSS 4.3
CVE-2017-8597 MEDIUM
Microsoft Edge in Windows 10 Version 1703 - Information Disclosure via Memory Object Handling
CVSS 4.3
CVE-2017-11761 MEDIUM
Microsoft Exchange <2013-2016 - Info Disclosure
CVSS 5.3
CVE-2017-1434 MEDIUM
IBM DB2 11.1 - Exposure of Sensitive Information in Error Log
CVSS 4.7
CVE-2017-1162 HIGH
IBM QRadar SIEM 7.2-7.3 - Exposure of Sensitive Information
CVSS 7.5
CVE-2017-1000250 MEDIUM
bluez < 5.46 - Exposure of Sensitive Information via SDP Search Attribute Request
CVSS 6.5
CVE-2017-14269 CRITICAL
EE 4GEE WiFi MBB <EE60_00_05.00_31 - Info Disclosure
CVSS 9.8
CVE-2017-14240 HIGH
Dolibarr ERP/CRM <6.0.0 - Info Disclosure
CVSS 7.5
CVE-2017-0793 MEDIUM
Android < 8.0 - Exposure of Sensitive Information in Memory Subsystem
CVSS 5.5
CVE-2017-0792 MEDIUM
Android - Information Disclosure in Broadcom Wi-Fi Driver
CVSS 6.5
CVE-2017-0779 MEDIUM
Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 - Information Disclosure in Media Framework
CVSS 5.5
CVE-2017-0778 HIGH
Android 7.0, 7.1.1, 7.1.2 - Information Disclosure in Media Framework
CVSS 7.1
CVE-2017-0777 MEDIUM
Android 7.0, 7.1.1, 7.1.2 - Information Disclosure in Media Framework
CVSS 5.5
CVE-2017-0776 MEDIUM
Android 7.0 7.1.1 7.1.2 8.0 - Information Disclosure in Media Framework
CVSS 5.5
CVE-2017-2550 HIGH
Easy Joomla Backup 3.2.4 - Exposure of Sensitive Information via Predictable Backup Filename
CVSS 7.5
CVE-2017-6793 MEDIUM
Cisco Prime Collaboration Provisioning Tool - Info Disclosure
CVSS 6.5
CVE-2017-12224 MEDIUM
Cisco Meeting Server - Privilege Escalation
CVSS 6.5
CVE-2017-12216 HIGH
Cisco SocialMiner - XML External Entity Injection via Crafted XML File Import
CVSS 8.8
CVE-2017-14156 MEDIUM
Linux kernel <4.12.10 - Info Disclosure
CVSS 5.5
CVE-2017-14140 MEDIUM
Linux kernel <4.12.9 - Info Disclosure
CVSS 5.5
Details
Vulnerabilities 10,173
Exploit Likelihood High