CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2017-9682 MEDIUM
Qualcomm Android - Use After Free
CVSS 4.7
CVE-2017-9680 HIGH
Qualcomm Android CAF Linux Kernel - Uninitialized Memory Exposure in Driver Error Logging
CVSS 7.5
CVE-2017-9679 HIGH
Qualcomm Android - Information Exposure via Non-NULL-Terminated Userspace String
CVSS 7.5
CVE-2017-8254 MEDIUM
Qualcomm Android - Exposure of Sensitive Information via Audio Client Pointer Dereference
CVSS 5.5
CVE-2017-1501 MEDIUM
IBM WebSphere Application Server 8.0, 8.5, 9.0 - Exposure of Sensitive Information via Weak Security Bindings
CVSS 5.9
CVE-2017-6786 MEDIUM
Cisco Elastic Services Controller - Info Disclosure
CVSS 6.3
CVE-2017-6784 MEDIUM
Cisco RV340/RV345/RV345P Routers - Unauthenticated Sensitive Information Exposure
CVSS 5.3
CVE-2017-6783 MEDIUM
Cisco WSA ESA SMA - Info Disclosure
CVSS 4.3
CVE-2017-6778 MEDIUM
Cisco Ultra Services Platform 21.0.v0.65839 - Authenticated Exposure of Sensitive Information via GET Request
CVSS 6.5
CVE-2017-6777 MEDIUM
Cisco Elastic Services Controller 2.3-2.3(2) - Authenticated Sensitive Information Exposure via ConfD Server
CVSS 4.9
CVE-2017-6772 MEDIUM
Cisco Elastic Services Controller 2.3(2) - Authenticated Sensitive Information Exposure via Configuration Files
CVSS 4.3
CVE-2017-6771 HIGH
Cisco Ultra Services Framework - Info Disclosure
CVSS 7.5
CVE-2017-12855 MEDIUM
Xen 4.5-4.9 - Exposure of Sensitive Information via Grant Table Status Bits
CVSS 6.5
CVE-2017-3118 MEDIUM
Adobe Acrobat and Reader < 11.0.21, 15.006.30355, 17.012.20098 - Security Bypass via Malicious Attachment Execution
CVSS 6.5
CVE-2017-3115 MEDIUM
Adobe Acrobat and Reader < 11.0.21, 15.006.30355, 17.012.20098 - Information Disclosure via PDF Link Handling
CVSS 6.5
CVE-2017-3110 HIGH
Adobe Experience Manager < 6.1 - Exposure of Sensitive Information
CVSS 7.5
CVE-2017-3107 HIGH
Adobe Experience Manager < 6.3 - Exposure of Sensitive Information
CVSS 7.5
CVE-2017-11272 HIGH
Adobe Digital Editions < 4.5.5 - Exposure of Sensitive Information
CVSS 7.5
CVE-2017-11232 MEDIUM
Adobe Acrobat and Reader < 11.0.20, 15.006.30306, 17.009.20058, 17.011.30066 - Use-After-Free via EMF Brush Manipulation
CVSS 6.5
CVE-2017-8269 MEDIUM
Qualcomm Products with Android CAF Linux Kernel - Kernel Memory Exposure via IPA WAN ioctl
CVSS 5.5
CVE-2017-8258 MEDIUM
Google Android - Information Disclosure
CVSS 5.5
CVE-2017-7737 MEDIUM
Fortinet FortiWeb <5.8.2 - Info Disclosure
CVSS 4.9
CVE-2017-3130 HIGH
FortiOS 5.6.0 and 5.4.4 - Unauthenticated Information Disclosure via IKE VendorID Packet
CVSS 7.5
CVE-2017-1377 MEDIUM
IBM Runbook Automation - Info Disclosure
CVSS 4.3
CVE-2017-0739 MEDIUM
Android 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 - Information Disclosure in Media Framework
CVSS 5.5
Details
Vulnerabilities 10,178
Exploit Likelihood High