CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,178 vulnerabilities with CWE-200
CVE-2017-0708
MEDIUM
Android - Information Disclosure in HTC Sound Driver
CVSS 5.5
CVE-2017-0699
MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 - Information Disclosure in Media Framework
CVSS 5.5
CVE-2017-0698
MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 - Information Disclosure in Media Framework
CVSS 5.5
CVE-2017-0669
MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 7.1.2 - Information Disclosure
CVSS 5.5
CVE-2017-0668
MEDIUM
Android 4.4.4 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1.1 7.1.2 - Information Disclosure
CVSS 5.5
CVE-2017-6709
CRITICAL
Cisco Ultra Services Framework < 5.0.2 - Unauthenticated Exposure of Sensitive Information via AutoVNF Log Files
CVSS 9.8
CVE-2017-6708
CRITICAL
Cisco Ultra Services Framework < 5.0.2 - Unauthenticated Sensitive File Read via Symlink Creation
CVSS 9.8
CVE-2017-1157
MEDIUM
IBM Jazz Reporting Service - Info Disclosure
CVSS 4.3
CVE-2017-1176
LOW
IBM Maximo Asset Mgmt <7.6 - Info Disclosure
CVSS 3.3
CVE-2017-2294
HIGH
Puppet Enterprise <2016.4.5,2017.2.1 - Info Disclosure
CVSS 7.5
CVE-2017-10916
HIGH
Xen through 4.8.x - Information Exposure via vCPU Context-Switch and MPX/PKU Interaction
CVSS 7.5
CVE-2017-10911
MEDIUM
Linux Kernel < 4.11.7 - Information Disclosure via Xen Block Interface Response
CVSS 6.5
CVE-2017-7317
CRITICAL
Humax Digital HG100 2.0.6 - Info Disclosure
CVSS 9.8
CVE-2017-6706
MEDIUM
Cisco Prime Collaboration Provisioning Tool - Unauthenticated Sensitive Information Exposure via Logging Subsystem
CVSS 5.1
CVE-2017-6705
MEDIUM
Cisco Prime Collaboration Provisioning Tool - Authenticated Sensitive Information Exposure via Filesystem
CVSS 5.5
CVE-2017-0377
HIGH
Tor 0.3.x < 0.3.0.9 - Exposure of Sensitive Information via Guard Selection Algorithm
CVSS 7.5
CVE-2017-8443
MEDIUM
Kibana X-Pack Security < 5.4.3 - Unauthenticated Credential Exposure via Crafted Login URL
CVSS 6.5
CVE-2017-7899
CRITICAL
Rockwellautomation 1763-l16awa Series A - Information Disclosure
CVSS 9.8
CVE-2017-6046
HIGH
Sierra Wireless AirLink Raven XE and XT - Insufficiently Protected Credentials
CVSS 7.5
CVE-2017-6040
MEDIUM
Belden Hirschmann GECKO Lite Managed Switch Firmware < 2.0.00 - Unauthenticated Information Exposure
CVSS 5.3
CVE-2017-10679
HIGH
Piwigo < 2.9.1 - Unauthenticated Sensitive Information Exposure via Private Album Permalink Redirect
CVSS 7.5
CVE-2017-5529
MEDIUM
TIBCO JasperReports Library and Server - Information Disclosure via Host File System Access
CVSS 4.1
CVE-2017-8575
MEDIUM
Windows 10 and Windows Server 2016 - Information Disclosure via Microsoft Graphics Component
CVSS 5.5
CVE-2017-8554
MEDIUM
Microsoft Windows - Authenticated Memory Contents Exposure via Specially Crafted Application
CVSS 4.7
CVE-2017-7686
HIGH
Apache Ignite <2.0 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities
10,178
Exploit Likelihood
High