CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,178 vulnerabilities with CWE-200
CVE-2016-4442
MEDIUM
Rack-Mini-Profiler <0.10.1 - Info Disclosure
CVSS 5.3
CVE-2016-10351
MEDIUM
Telegram Desktop 0.10.19 - Unprotected User Data Exposure via Insecure Directory Permissions
CVSS 5.5
CVE-2016-3702
MEDIUM
CloudForms Management Engine <5 - Info Disclosure
CVSS 5.3
CVE-2016-1561
HIGH
ExaGrid <4.8 P26 - Privilege Escalation
CVSS 7.5
CVE-2016-1187
MEDIUM
Cybozu KUNAI for iPhone 2.0.3-3.1.5 & Android 2.1.2-3.0.4 - Sensitive Info Exposure via Unverified SSL Certs
CVSS 6.8
CVE-2016-1559
HIGH
D-Link DAP-1353/DAP-2553/DAP-3520 - Exposure of Sensitive Information via SNMP
CVSS 8.1
CVE-2016-1557
CRITICAL
Netgear WNAP320-360 <3.5.5.0 - Info Disclosure
CVSS 9.8
CVE-2016-1556
HIGH
Netgear WNAP320/WNDAP350/WNDAP360/WNDAP210v2/WN604/WND930 - Unauthenticated Information Disclosure via WPS
CVSS 7.5
CVE-2016-9978
MEDIUM
IBM Curam Social Program Management 5.2, 6.0, and 7.0 - Authenticated Exposure of Sensitive Information
CVSS 4.3
CVE-2016-8923
MEDIUM
IBM Curam Social Program Management <7.0 - Info Disclosure
CVSS 4.3
CVE-2016-3732
MEDIUM
Moodle <3.0.3, <2.9.5, <2.8.11, <2.7.13 - Info Disclosure
CVSS 4.3
CVE-2016-3731
MEDIUM
Moodle <3.0.3, <2.9.5, <2.8.11 - Info Disclosure
CVSS 5.3
CVE-2016-4844
MEDIUM
Cybozu Mailwise < 5.4.0 - Clickjacking
CVSS 4.3
CVE-2016-4843
MEDIUM
Cybozu Mailwise < 5.4.0 - Unauthorized Cookie Information Exposure
CVSS 6.5
CVE-2016-4842
MEDIUM
Cybozu Mailwise < 5.4.0 - Unauthorized Email Read Receipt Exposure
CVSS 4.3
CVE-2016-6341
MEDIUM
oVirt Engine <4.0.3 - Info Disclosure
CVSS 5.5
CVE-2016-6335
HIGH
MediaWiki <1.23.15, <1.26.4, <1.27.1 - Info Disclosure
CVSS 7.5
CVE-2016-6332
HIGH
MediaWiki <1.23.15, <1.26.4, <1.27.1 - Info Disclosure
CVSS 7.5
CVE-2016-5409
HIGH
Red Hat OpenShift Enterprise 2 - Exposure of Sensitive Information via Missing HTTPOnly Flag in GEARID Cookie
CVSS 7.5
CVE-2016-3037
MEDIUM
IBM Cognos TM1 10.1-10.2 - Authenticated Exposure of Sensitive Information via Session Key
CVSS 5.7
CVE-2016-4872
MEDIUM
Cybozu Office 9.0.0-10.4.0 - Authenticated Unauthorized Project Name Exposure via Breadcrumb Trail
CVSS 4.3
CVE-2016-4869
MEDIUM
Cybozu Office 9.0.0-10.4.0 - Exposure of Sensitive Information via CGI Environment Variables
CVSS 6.5
CVE-2016-4867
MEDIUM
Cybozu Office 9.0.0-10.4.0 - Authenticated Unauthorized Project Information Exposure via Project Function
CVSS 4.3
CVE-2016-7060
MEDIUM
Red Hat QuickStart Cloud Installer 1.0 - Unauthorized Password Exposure via Unmasked Web Interface
CVSS 4.6
CVE-2016-8926
MEDIUM
IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 - Unauthorized Data Access
CVSS 4.3
Details
Vulnerabilities
10,178
Exploit Likelihood
High