CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2016-8925 MEDIUM
IBM Tivoli App Dep Man <7.3 - Info Disclosure
CVSS 6.5
CVE-2016-8727 HIGH
Moxa AWK-3131A Wireless Access Point - Info Disclosure
CVSS 7.5
CVE-2016-8725 MEDIUM
Moxa AWK-3131A <1.1 - Info Disclosure
CVSS 5.3
CVE-2016-8724 MEDIUM
Moxa AWK-3131A Wireless Access Point <1.1 - Info Disclosure
CVSS 5.3
CVE-2016-8722 MEDIUM
Moxa AWK-3131A Series <1.1 - Unauthenticated Sensitive Information Exposure
CVSS 5.3
CVE-2016-7834 HIGH
SONY SNC Series Firmware < 1.8.5.00 - Unauthenticated Sensitive Information Exposure
CVSS 8.8
CVE-2016-2565 LOW
Samsung Galaxy S6 Firmware - Unauthorized Sent Email Exposure via SecEmailSync
CVSS 3.3
CVE-2016-5076 HIGH
CloudView NMS < 2.10a - Exposure of Sensitive Information via Direct Request
CVSS 7.5
CVE-2016-5059 MEDIUM
OSRAM Lightify Pro <2016-07-26 - Unauthenticated Sensitive Information Exposure via Screenshots
CVSS 6.5
CVE-2016-5051 HIGH
OSRAM Lightify Home < 2016-07-26 - Cleartext PSK Storage Exposes Sensitive Information
CVSS 7.5
CVE-2016-5349 MEDIUM
Android < 7.1.1 & Qualcomm Snapdragon 800/600/400/200 - Sensitive Info Exposure via Memory Address Verification
CVSS 5.5
CVE-2016-10314 HIGH
Jensenofscandinavia Al3g Firmware - Information Disclosure
CVSS 8.8
CVE-2016-8757 LOW
Huawei P9 Firmware <= EVA-AL10C00B192 - Sensitive Information Exposure via ION Memory Management
CVSS 3.3
CVE-2016-8272 MEDIUM
Huawei PC client software <4.0.5.300_OVE - Info Disclosure
CVSS 5.3
CVE-2016-8271 MEDIUM
Huawei eSpace IAD <V300R002C01SPC100 - Info Disclosure
CVSS 5.3
CVE-2016-7542 MEDIUM
FortiOS 5.2.x < 5.2.10 and 5.4.x < 5.4.2 - Authenticated Password Hash Exposure via WebUI REST API
CVSS 4.9
CVE-2016-6349 LOW
oci-register-machine - Unauthenticated Exposure of Sensitive Information via machinectl Command
CVSS 3.3
CVE-2016-4976 MEDIUM
Apache Ambari 2.0.0-2.3.9 - Exposure of Sensitive Information via KDC Administrator Password
CVSS 5.5
CVE-2016-9129 MEDIUM
Revive Adserver <3.2.3 - Info Disclosure
CVSS 5.3
CVE-2016-6102 LOW
IBM Tivoli Key Lifecycle Manager <2.7 - Info Disclosure
CVSS 3.7
CVE-2016-7474 MEDIUM
F5 BIG-IP LTM/AAM Sensitive Information Exposure via MCPD Cache
CVSS 5.5
CVE-2016-5757 CRITICAL
NetIQ Access Manager <4.1.2-4.2.2 - XSS
CVSS 9.8
CVE-2016-5754 HIGH
NetIQ Access Manager <4.1.2 HF1, <4.2 - Info Disclosure
CVSS 7.5
CVE-2016-5752 HIGH
NetIQ Access Manager <4.1.2 HF1-4.2.2 - Info Disclosure
CVSS 7.5
CVE-2016-1603 MEDIUM
NetIQ IDM ServiceNow Driver <1.0.0.1 - Info Disclosure
CVSS 6.5
Details
Vulnerabilities 10,178
Exploit Likelihood High