CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,178 vulnerabilities with CWE-200
CVE-2017-0105
MEDIUM
Microsoft Office - Information Disclosure via Crafted Office Document
CVSS 5.5
CVE-2017-0096
LOW
Microsoft Windows 10 - Information Disclosure
CVSS 2.6
CVE-2017-0092
MEDIUM
Microsoft Windows Uniscribe - Information Disclosure via Crafted Website
CVSS 4.3
CVE-2017-0091
MEDIUM
Microsoft Windows Vista/Server 2008/7 Uniscribe Information Disclosure via Crafted Website
CVSS 4.3
CVE-2017-0085
MEDIUM
Microsoft Windows Vista SP2/Server 2008 SP2/R2 SP1/7 SP1 Uniscribe Information Disclosure
CVSS 4.3
CVE-2017-0073
MEDIUM
Microsoft Windows GDI - Unauthorized Memory Information Exposure via Crafted Website
CVSS 4.3
CVE-2017-0068
MEDIUM
Microsoft Edge - Information Disclosure via Crafted Web Site
CVSS 4.3
CVE-2017-0065
MEDIUM
Microsoft Edge - Information Disclosure via Crafted Web Site
CVSS 4.3
CVE-2017-0063
MEDIUM
Windows Color Management Module - Information Disclosure via ICM32.dll Memory Handling
CVSS 6.5
CVE-2017-0062
MEDIUM
Microsoft Windows GDI+ - Information Disclosure via Crafted Website
CVSS 4.7
CVE-2017-0061
MEDIUM
Windows Vista SP2, Windows Server 2008 SP2/R2, Windows 7 SP1 - ASLR Bypass via ICM32.dll Memory Handling
CVSS 5.3
CVE-2017-0060
MEDIUM
Microsoft Windows GDI - Unauthorized Memory Information Exposure via Crafted Website
CVSS 5.5
CVE-2017-0057
MEDIUM
Windows DNS Client - Information Disclosure via Malicious DNS Query
CVSS 4.3
CVE-2017-0049
MEDIUM
Internet Explorer 11 - Information Disclosure via VBScript Engine
CVSS 4.3
CVE-2017-0043
MEDIUM
Microsoft Windows 10 - Information Disclosure
CVSS 5.3
CVE-2017-0042
LOW
Windows Media Player - Information Disclosure via Crafted Website
CVSS 3.1
CVE-2017-0027
MEDIUM
Microsoft Excel Information Disclosure via Crafted Office Document
CVSS 4.7
CVE-2017-0011
MEDIUM
Microsoft Edge - Information Disclosure via Crafted Web Site
CVSS 4.3
CVE-2017-0009
MEDIUM
Internet Explorer 9-11 - Information Disclosure via Crafted Web Site
CVSS 4.3
CVE-2017-0008
MEDIUM
Internet Explorer 9-11 - Information Disclosure via Crafted Web Site
CVSS 4.3
CVE-2017-5537
MEDIUM
Weblate < 2.10.1 - User Enumeration via Password Reset Error Messages
CVSS 5.3
CVE-2017-5496
CRITICAL
Sawmill Enterprise 8.7.9 - Authentication Bypass via Password Hash
CVSS 9.8
CVE-2017-5583
MEDIUM
PAN-OS < 6.1.16, 7.0.x < 7.0.13, 7.1.x < 7.1.8 - Authenticated Arbitrary File Read
CVSS 6.5
CVE-2017-5674
CRITICAL
GoAhead - Unauthenticated Sensitive Information Exposure via Malformed HTTP Request
CVSS 9.8
CVE-2017-0537
MEDIUM
Linux Kernel >= 3.18 - Information Disclosure in USB Gadget Driver
CVSS 4.7
Details
Vulnerabilities
10,178
Exploit Likelihood
High