CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2017-5647 HIGH
Apache Tomcat < 9.0.0.M19 - Information Disclosure
CVSS 7.5
CVE-2017-7455 HIGH
Moxa MXView 2.8 - Unauthenticated Exposure of Sensitive Information via Private Key File
CVSS 7.5
CVE-2017-3043 MEDIUM
Adobe Acrobat and Reader < 11.0.19, < 15.006.30280, < 15.023.20070 - Memory Address Leak in Collaboration Functionality
CVSS 5.5
CVE-2017-0208 MEDIUM
Microsoft Edge - Information Disclosure via Chakra Scripting Engine Memory Handling
CVSS 4.3
CVE-2017-0194 MEDIUM
Microsoft Excel 2007 SP3/2010 SP2 & Office Compatibility Pack SP2 - Information Disclosure
CVSS 5.5
CVE-2017-0192 MEDIUM
Microsoft Windows - Information Disclosure via Adobe Type Manager Font Driver
CVSS 4.3
CVE-2017-0188 LOW
Windows Win32k Information Disclosure Vulnerability
CVSS 3.3
CVE-2017-0168 MEDIUM
Windows Hyper-V Network Switch - Information Disclosure via Improper Input Validation
CVSS 5.8
CVE-2017-0167 MEDIUM
Windows Kernel Memory Handling Information Disclosure
CVSS 5.5
CVE-2017-0058 MEDIUM
Windows - Information Disclosure in Win32k Component
CVSS 4.7
CVE-2017-5672 MEDIUM
Kony Enterprise Mobile Management < 4.2.0 - Private Key Exposure via Request Parameter Manipulation
CVSS 6.5
CVE-2017-7646 MEDIUM
SolarWinds LEM <6.3.1.4 - Info Disclosure
CVSS 6.5
CVE-2017-7345 MEDIUM
NetApp Clustered Data ONTAP < 7.1 - Unauthenticated Exposure of Sensitive Information via JMX RMI
CVSS 5.3
CVE-2017-5607 LOW
Splunk Enterprise <6.5.1 & Splunk Light <6.5.2 - Sensitive Info Exposure via Global Window Namespace
CVSS 3.5
CVE-2017-7589 MEDIUM
OpenIDM < 4.5.0 - Unauthenticated Exposure of Sensitive Information via Info Endpoint
CVSS 6.5
CVE-2017-0586 MEDIUM
Linux Kernel - Information Disclosure in Qualcomm Sound Driver
CVSS 4.7
CVE-2017-0585 MEDIUM
Linux Kernel - Information Disclosure in Broadcom Wi-Fi Driver
CVSS 4.7
CVE-2017-0584 MEDIUM
Linux Kernel - Information Disclosure in Qualcomm Wi-Fi Driver
CVSS 4.7
CVE-2017-0560 MEDIUM
Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 - Unauthorized Data Access via Factory Reset Bypass
CVSS 5.5
CVE-2017-0559 MEDIUM
Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 - Information Disclosure in libskia
CVSS 5.5
CVE-2017-0558 MEDIUM
Android 4.4.4-7.1.1 - Information Disclosure in Mediaserver
CVSS 5.5
CVE-2017-0557 MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 - Information Disclosure in libmpeg2
CVSS 5.5
CVE-2017-0556 MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 - Information Disclosure in libmpeg2
CVSS 5.5
CVE-2017-0555 MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 - Information Disclosure in libavc
CVSS 5.5
CVE-2017-0547 MEDIUM
Android 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 - Information Disclosure in libmedia
CVSS 5.5
Details
Vulnerabilities 10,178
Exploit Likelihood High