CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2016-4680 MEDIUM
iPhone OS < 10.1, tvOS < 10.0.1, watchOS < 3.1 - Kernel Memory Information Disclosure via Crafted App
CVSS 5.5
CVE-2016-4665 LOW
iPhone OS < 10.1, watchOS < 3.1, tvOS < 10.0.1 - Unauthorized Audio-Recording Metadata Access via Sandbox Profiles
CVSS 3.3
CVE-2016-4664 LOW
iPhone OS < 10.0.3, tvOS < 10.0, watchOS < 2.2.2 - Unauthorized Photo-Directory Metadata Exposure via Sandbox Profiles
CVSS 3.3
CVE-2016-4660 HIGH
iPhone OS < 10.1, macOS < 10.12.1, tvOS < 10.0.1, watchOS < 3.1 - FontParser Info Disclosure & DoS
CVSS 7.1
CVE-2016-4613 MEDIUM
Safari < 10.0.1 - Exposure of Sensitive Information via WebKit
CVSS 6.5
CVE-2016-6190 MEDIUM
SOGo <2.3.12-3.1.1 - Info Disclosure
CVSS 4.3
CVE-2016-6060 MEDIUM
IBM Rational DOORS NG <6.0 - Info Disclosure
CVSS 4.3
CVE-2016-9349 HIGH
Advantech SUSIAccess Server <3.0 - Info Disclosure
CVSS 7.5
CVE-2016-5813 MEDIUM
Visonic PowerLink2 <Oct 2016 - Info Disclosure
CVSS 5.3
CVE-2016-5786 HIGH
OmniMetrix OmniView <1.2 - Info Disclosure
CVSS 7.5
CVE-2016-3995 HIGH
Crypto++ < 5.6.3 - Timing Attack via Compiler Optimization of Rijndael Block Processing
CVSS 7.5
CVE-2016-6210 MEDIUM
OpenSSH < 7.2 - User Enumeration via Timing Attack on Password Hashing
CVSS 5.9
CVE-2016-8495 HIGH
Fortinet FortiManager <5.2.7, <5.4.1 - SSL Injection
CVSS 7.4
CVE-2016-9244 HIGH
BIG-IP Local Traffic Manager - Exposure of Sensitive Information via Session Tickets
CVSS 7.5
CVE-2016-5918 MEDIUM
IBM Tivoli Storage Manager HSM for Windows - Info Disclosure
CVSS 4.7
CVE-2016-5900 MEDIUM
IBM Tealeaf Customer Experience - Info Disclosure
CVSS 5.9
CVE-2016-0307 MEDIUM
IBM Connections <5.5 - Info Disclosure
CVSS 4.3
CVE-2016-0210 MEDIUM
IBM Sterling B2B Integrator - Info Disclosure
CVSS 5.3
CVE-2016-0203 MEDIUM
IBM Cloud Orchestrator - Info Disclosure
CVSS 5.5
CVE-2016-0202 LOW
IBM Cloud Orchestrator - Info Disclosure
CVSS 3.3
CVE-2016-9748 MEDIUM
IBM Rational DOORS Next Generation 5.0-6.0 - Exposure of Sensitive Information in Error Response Messages
CVSS 4.3
CVE-2016-2866 MEDIUM
IBM Rational Collaborative Lifecycle Management - Authenticated Exposure of Sensitive Deployment Information
CVSS 4.3
CVE-2016-8492 MEDIUM
Fortinet FortiGate - Info Disclosure
CVSS 5.9
CVE-2016-10213 MEDIUM
A10 Advanced Core Operating System < 2.7.2 - Exposure of Sensitive Information via GCM Nonce Reuse
CVSS 5.9
CVE-2016-10212 MEDIUM
Radware Alteon < 30.0.5.10 - Exposure of Sensitive Information via GCM Nonce Reuse
CVSS 5.9