CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,178 vulnerabilities with CWE-200
CVE-2017-0270
MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
CVSS 5.9
CVE-2017-0268
MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
CVSS 5.9
CVE-2017-0267
MEDIUM
Microsoft Windows SMBv1 - Information Disclosure via Request Handling
CVSS 5.9
CVE-2017-0259
MEDIUM
Windows Kernel - Information Disclosure via Crafted Document
CVSS 4.7
CVE-2017-0258
MEDIUM
Windows Kernel - Authenticated Information Disclosure via Crafted Document
CVSS 4.7
CVE-2017-0245
MEDIUM
Windows 7 SP1, Server 2008 SP2/R2 SP1, 2012 Gold - Kernel Info Disclosure
CVSS 4.7
CVE-2017-0242
MEDIUM
Windows 7 and Server 2008 - Information Disclosure via ActiveX Object Instantiation
CVSS 5.5
CVE-2017-0220
MEDIUM
Windows 7 SP1, Server 2008 SP2/R2 SP1, 2012 Gold - Authenticated Info Disclosure via Crafted Document
CVSS 4.7
CVE-2017-0190
MEDIUM
Microsoft Windows - Information Disclosure via GDI Component
CVSS 4.4
CVE-2017-0175
MEDIUM
Windows 7 SP1 and Windows Server 2008 SP2/R2 SP1 - Authenticated Information Disclosure via Crafted Document
CVSS 4.7
CVE-2017-8360
MEDIUM
Conexant mictray64 < 1.0.0.46 - Unauthenticated Exposure of Sensitive Information via Debug Messages and Log File
CVSS 5.5
CVE-2017-8899
HIGH
IPS Community Suite <4.1.19.2 - XSS/Info Disclosure
CVSS 8.1
CVE-2017-8878
MEDIUM
ASUS RT-AC*-RT-N* <3.0.0.4.380.7378 - Info Disclosure
CVSS 6.5
CVE-2017-8877
MEDIUM
ASUS RT-AC*-RT-N* <3.0.0.4.380.7378 - Info Disclosure
CVSS 6.5
CVE-2017-5892
HIGH
ASUS RT-AC* and RT-N* Firmware - JSONP Information Disclosure via Network Map
CVSS 7.5
CVE-2017-3067
HIGH
Adobe Experience Manager Forms 6.0-6.2 - Information Disclosure via Pre-Population Service
CVSS 7.5
CVE-2017-0895
LOW
Nextcloud Server <10.0.4,11.0.2 - Info Disclosure
CVSS 3.5
CVE-2017-7923
HIGH
Hikvision DS-2CD2xx2F-I Series V5.2.0 to V5.4.0 - Sensitive Information Exposure via Password
CVSS 8.8
CVE-2017-3732
MEDIUM
OpenSSL <1.0.2k, 1.1.0<1.1.0d - Memory Corruption
CVSS 5.9
CVE-2017-6626
MEDIUM
Cisco Finesse 11.5(1)/11.6(1) - Unauthenticated Sensitive Information Exposure via Hard-Coded Credentials
CVSS 5.3
CVE-2017-5481
HIGH
Trend Micro OfficeScan 11.0 - Authenticated Privilege Escalation via Encrypted Password Leak
CVSS 8.8
CVE-2017-7995
LOW
Xen < 4.2.5 - Information Disclosure via MMIO Range Access Permission Check
CVSS 3.8
CVE-2017-7216
MEDIUM
Palo Alto Networks PAN-OS <7.1.9 - Info Disclosure
CVSS 6.5
CVE-2017-7644
MEDIUM
Palo Alto Networks PAN-OS <6.1.17, <7.0.15, <7.1.9 - Info Disclosure
CVSS 6.5
CVE-2017-1141
MEDIUM
IBM Insights Foundation for Energy <1.7 - Info Disclosure
CVSS 4.3
Details
Vulnerabilities
10,178
Exploit Likelihood
High