CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,178 vulnerabilities with CWE-200
CVE-2017-6793
MEDIUM
Cisco Prime Collaboration Provisioning Tool - Info Disclosure
CVSS 6.5
CVE-2017-12224
MEDIUM
Cisco Meeting Server - Privilege Escalation
CVSS 6.5
CVE-2017-12216
HIGH
Cisco SocialMiner - XML External Entity Injection via Crafted XML File Import
CVSS 8.8
CVE-2017-14156
MEDIUM
Linux kernel <4.12.10 - Info Disclosure
CVSS 5.5
CVE-2017-14140
MEDIUM
Linux kernel <4.12.9 - Info Disclosure
CVSS 5.5
CVE-2017-10793
HIGH
AT&T U-verse Firmware 9.2.2h0d83 - Exposure of Sensitive Information via BDC WAN Service
CVSS 8.1
CVE-2017-14114
MEDIUM
RTPproxy <2.2.alpha.20160822 - Info Disclosure/DoS
CVSS 6.5
CVE-2017-14099
HIGH
Asterisk <11.25.2, <13.17.1, <14.6.1 - Info Disclosure
CVSS 7.5
CVE-2017-14053
HIGH
NetApp OnCommand Unified Manager <7.2P1 - Info Disclosure
CVSS 7.5
CVE-2017-12872
MEDIUM
SimpleSAMLphp < 1.14.11 - Timing Side-Channel Attack via Standard Comparison Operator
CVSS 5.9
CVE-2017-12870
MEDIUM
SimpleSAMLphp < 1.14.12 - Exposure of Sensitive Information via AES Session Identifier Protection
CVSS 5.9
CVE-2017-12734
HIGH
Siemens LOGO! 8 BM < V1.81.2 - Session ID Exposure via Web Server
CVSS 7.5
CVE-2017-13774
HIGH
Hikvision iVMS-4200 < 2.6.2.6 - Exposure of Sensitive Information via Password Recovery
CVSS 7.8
CVE-2017-0379
HIGH
Libgcrypt < 1.8.1 - Exposure of Sensitive Information via Curve25519 Side-Channel Attack
CVSS 7.5
CVE-2017-3154
HIGH
Apache Atlas 0.6.0-incubating 0.7.0-incubating - Exposure of Sensitive Information via Error Stack Trace
CVSS 7.5
CVE-2017-1110
MEDIUM
IBM Curam Social Program Management <7.0 - Privilege Escalation
CVSS 6.5
CVE-2017-9978
MEDIUM
OSNEXUS QuantaStor < 4.3.0 - User Enumeration via Error Message
CVSS 5.3
CVE-2017-12857
HIGH
Polycom Unified Communications Software < 4.0.11 - Authenticated Information Disclosure via Web Application
CVSS 8.8
CVE-2017-13695
MEDIUM
Linux Kernel < 4.12.9 - Information Disclosure via ACPI Table Handling
CVSS 5.5
CVE-2017-13694
MEDIUM
Linux Kernel < 4.12.9 - Information Disclosure via ACPI Table Handling
CVSS 5.5
CVE-2017-13693
MEDIUM
Linux Kernel < 4.12.9 - Information Disclosure via ACPI Operand Cache
CVSS 5.5
CVE-2017-9512
HIGH
Atlassian Fisheye/Crucible <4.4.1 - Info Disclosure
CVSS 7.5
CVE-2017-13143
HIGH
ImageMagick < 6.9.7-6 and 7.x < 7.0.4-6 - Information Disclosure via Uninitialized Memory in ReadMATImage
CVSS 7.5
CVE-2017-1422
LOW
IBM MaaS360 DTM < 3.81 - Exposure of Sensitive Information via Improper User Rights Verification
CVSS 3.3
CVE-2017-8037
HIGH
Cloud Foundry CAPI-release v1.6.0-v1.38.0 and cf-release v244-v270 - Information Disclosure via Crafted CAPI Request
CVSS 7.5
Details
Vulnerabilities
10,178
Exploit Likelihood
High