CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,178 vulnerabilities with CWE-200
CVE-2017-2642
MEDIUM
Moodle 3.1-3.1.6 - Exposure of Sensitive Information via User Preferences Page
CVSS 6.5
CVE-2017-7683
HIGH
Apache OpenMeetings 1.0.0 - Info Disclosure
CVSS 7.5
CVE-2017-1000362
CRITICAL
Jenkins 1.498-2.32.1 - Unprotected Sensitive Data Exposure via Re-key Admin Monitor Backups
CVSS 9.8
CVE-2017-1000029
HIGH
GlassFish Server Open Source Edition 3.0.1 - Unauthenticated Local File Inclusion
CVSS 7.5
CVE-2017-1000025
HIGH
GNOME Web <3.23.5-3.20.7 - Info Disclosure
CVSS 7.5
CVE-2017-1000007
MEDIUM
txaws < 0.4.0 - Exposure of Sensitive Information via Incomplete Certificate Verification
CVSS 5.9
CVE-2017-0196
MEDIUM
Microsoft Edge - Information Disclosure via Crafted Web Site
CVSS 6.5
CVE-2017-9788
CRITICAL
Apache httpd <2.2.34 & 2.4.x <2.4.27 - Info Disclosure
CVSS 9.1
CVE-2017-11165
CRITICAL
dataTaker DT80 dEX 1.50.012 - Unauthenticated Sensitive Information Exposure via config.xml Request
CVSS 9.8
CVE-2017-8592
MEDIUM
Microsoft Windows and Browsers - Security Feature Bypass via Redirect Request Mishandling
CVSS 6.5
CVE-2017-8582
MEDIUM
Microsoft Windows - Information Disclosure in HTTP.sys
CVSS 5.9
CVE-2017-8564
MEDIUM
Windows Kernel - Information Disclosure via Uninitialized Memory
CVSS 5.5
CVE-2017-8486
MEDIUM
Microsoft Windows - Information Disclosure via Win32k Memory Handling
CVSS 4.7
CVE-2017-6730
MEDIUM
Cisco Wide Area Application Services - Unauthenticated Information Disclosure via Central Manager GUI
CVSS 5.3
CVE-2017-6726
MEDIUM
Cisco Prime Network Gateway - Info Disclosure
CVSS 5.5
CVE-2017-1284
MEDIUM
IBM WebSphere MQ 9.0.1-9.0.2 - Exposure of Sensitive Information via Application Server Traces
CVSS 4.7
CVE-2017-11145
HIGH
PHP < 5.6.31, 7.x < 7.0.21, 7.1.x < 7.1.7 - Information Disclosure via Date Extension timelib_meridian Parsing
CVSS 7.5
CVE-2017-8442
MEDIUM
Elasticsearch X-Pack Security <5.4.3 - Info Disclosure
CVSS 6.5
CVE-2017-1000381
HIGH
c-ares - Information Disclosure via NAPTR Response Parsing
CVSS 7.5
CVE-2017-0326
MEDIUM
Google Android - Information Disclosure
CVSS 5.5
CVE-2017-2239
MEDIUM
Marp <= v0.0.10 - Exposure of Sensitive Information via JavaScript
CVSS 5.3
CVE-2017-5001
MEDIUM
EMC RSA Archer <5.5.2 - Info Disclosure
CVSS 4.3
CVE-2017-5000
MEDIUM
EMC RSA Archer <5.5.2 - Info Disclosure
CVSS 4.3
CVE-2017-4999
MEDIUM
EMC RSA Archer <5.5.3.1 - Auth Bypass
CVSS 6.5
CVE-2017-0709
LOW
Android - Information Disclosure in HTC Sensor Hub Driver
CVSS 3.3
Details
Vulnerabilities
10,178
Exploit Likelihood
High