CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,178 vulnerabilities with CWE-200
CVE-2017-0414
MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 - Unauthorized Data Access via AOSP Messaging
CVSS 5.5
CVE-2017-0413
MEDIUM
Android 6.0 6.0.1 7.0 7.1.1 - Unauthorized Data Access via AOSP Messaging
CVSS 5.5
CVE-2017-5595
MEDIUM
ZoneMinder < 1.30.0 - Authenticated File Disclosure via Path Parameter
CVSS 5.5
CVE-2017-5550
MEDIUM
Linux Kernel < 4.9.4 - Information Exposure via Pipe Buffer Release Error
CVSS 5.5
CVE-2017-5610
MEDIUM
WordPress < 4.7.1 - Exposure of Sensitive Information via Press This Taxonomy Assignment
CVSS 5.3
CVE-2017-3319
LOW
Oracle MySQL Server <= 5.7.16 - Unauthorized Data Access via X Plugin
CVSS 3.1
CVE-2017-3315
MEDIUM
PeopleSoft Enterprise HCM ePerformance 9.2 - Unauthorized Read Access via Security Subcomponent
CVSS 4.3
CVE-2017-3296
MEDIUM
Oracle Commerce Platform 10.0.3.5 10.2.0.5 11.2.0.2 - Unauthenticated Exposure of Sensitive Information via HTTP
CVSS 4.3
CVE-2017-3292
MEDIUM
Oracle PeopleSoft Enterprise PeopleTools 8.54-8.55 - Unauthorized Data Access via Integration Broker
CVSS 5.7
CVE-2017-3277
MEDIUM
Oracle Applications Manager 12.1.3 12.2.3-12.2.6 - Unauthorized Data Access via OAM Client
CVSS 4.9
CVE-2017-3255
MEDIUM
Oracle JDeveloper <=12.2.1.2.0 - Unauthenticated Sensitive Information Exposure
CVSS 5.8
CVE-2017-3250
HIGH
Oracle GlassFish Server 2.1.1 3.0.1 3.1.2 - Unauthenticated Exposure of Sensitive Information
CVSS 7.3
CVE-2017-3245
MEDIUM
Oracle FLEXCUBE Direct Banking 12.0.2-12.0.3 - Unauthenticated Exposure of Sensitive Information via Pre-Login
CVSS 4.7
CVE-2017-3240
LOW
Oracle Database Server 12.1.0.2 - Unauthorized Read Access in RDBMS Security
CVSS 3.3
CVE-2017-3239
LOW
Oracle GlassFish Server 3.0.1 and 3.1.2 - Unauthorized Read Access to Sensitive Data
CVSS 3.3
CVE-2017-3231
MEDIUM
Oracle JDK and JRE - Unauthenticated Exposure of Sensitive Information via Networking
CVSS 4.3
CVE-2017-3805
MEDIUM
Cisco IOS and IOx - Unauthenticated Exposure of Sensitive Information
CVSS 5.3
CVE-2017-3797
MEDIUM
Cisco WebEx Meetings Server - Info Disclosure
CVSS 5.3
CVE-2017-5372
HIGH
SAP NetWeaver AS Java - Unauthenticated Sensitive Information Exposure via MSPRuntimeInterface Functions
CVSS 7.5
CVE-2017-5182
HIGH
Open Enterprise Server - Unauthenticated Arbitrary File Read via Remote Manager URL
CVSS 7.5
CVE-2017-5223
MEDIUM
PHPMailer < 5.2.22 - Unauthenticated Sensitive Information Exposure via msgHTML Image Attachment Handling
CVSS 5.5
CVE-2017-5487
MEDIUM
WordPress < 4.7.1 - Unauthorized User Information Exposure via REST API
CVSS 5.3
CVE-2017-2584
HIGH
Linux Kernel < 4.9.3 - Use-After-Free and Information Disclosure via Instruction Emulation
CVSS 7.1
CVE-2017-0398
MEDIUM
Android 4.4.4 5.0.2 5.1.1 6.0 6.0.1 7.0 7.1 - Information Disclosure in Audioserver
CVSS 5.5
CVE-2017-0402
MEDIUM
Android 4.4.4-7.1 - Information Disclosure in libeffects EffectBundle
CVSS 5.5
Details
Vulnerabilities
10,178
Exploit Likelihood
High