CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2016-8302 MEDIUM
Oracle FLEXCUBE Universal Banking <12.2.0 - RCE
CVSS 4.3
CVE-2016-5614 MEDIUM
Oracle FLEXCUBE <12.0.1 - Info Disclosure
CVSS 4.3
CVE-2016-3996 MEDIUM
Samsung KNOX <2.3.0 - Info Disclosure
CVSS 5.5
CVE-2016-1919 MEDIUM
Samsung KNOX < 1.0 - Exposure of Sensitive Information via Weak eCryptFS Key Generation
CVSS 4.7
CVE-2016-10002 HIGH
Squid HTTP Proxy <4.0.16 - Info Disclosure
CVSS 7.5
CVE-2016-9932 LOW
Xen 3.3.x-4.7.x - Unauthorized Sensitive Information Exposure via CMPXCHG8B Emulation
CVSS 3.3
CVE-2016-6668 HIGH
Atlassian Hipchat Integration Plugin <6.27.5, <6.28.0-7.3.7, <7.4.0...
CVSS 7.5
CVE-2016-5014 MEDIUM
Moodle 2.x-3.1.0 - Unauthorized Exposure of Sensitive Information via Event Monitor Notifications
CVSS 5.4
CVE-2016-5012 MEDIUM
Moodle 3.1 - Exposure of Sensitive Information via Glossary Search
CVSS 5.3
CVE-2016-10143 HIGH
Tiki Wiki CMS 15.2 - Info Disclosure
CVSS 7.5
CVE-2016-5220 MEDIUM
Google Chrome < 55.0.2883.75 - Local File Read via PDF Navigation
CVSS 6.5
CVE-2016-5212 MEDIUM
Google Chrome < 55.0.2883.75 - Local File Read via DevTools URL Sanitization Bypass
CVSS 6.5
CVE-2016-5201 MEDIUM
Google Chrome < 54.0.2840.87 - Exposure of Sensitive Information via Extensions API
CVSS 6.5
CVE-2016-9680 HIGH
Citrix Provisioning Services < 7.12 - Unauthorized Sensitive Information Exposure via Kernel Memory
CVSS 7.5
CVE-2016-9677 MEDIUM
Citrix Provisioning Services < 7.12 - Kernel Address Information Exposure
CVSS 5.3
CVE-2016-9107 HIGH
OTR plugin for Gajim - Info Disclosure
CVSS 7.5
CVE-2016-8671 MEDIUM
MatrixSSL < 3.8.6 - Exposure of Sensitive Information via Modular Exponentiation
CVSS 5.9
CVE-2016-6887 MEDIUM
MatrixSSL < 3.8.6 - Exposure of Sensitive Information via CRT Attack on pstm_exptmod
CVSS 5.9
CVE-2016-3130 HIGH
BlackBerry Enterprise Server 12-12.5.2 - Credential Exposure via Login Traffic Sniffing
CVSS 8.1
CVE-2016-10140 HIGH
Apache HTTP Server/ZoneMinder <1.30-1.29 - Info Disclosure
CVSS 7.5
CVE-2016-10135 MEDIUM
LG Mobile - Unauthorized Access to Sensitive Logs via MTKLogger Component
CVSS 5.5
CVE-2016-3152 CRITICAL
Barco ClickShare CSC-1 Firmware < 01.09.02.03 - Unauthenticated Exposure of Root Password via Firmware Image
CVSS 9.8
CVE-2016-8475 MEDIUM
Android Kernel 3.18 - Info Disclosure
CVSS 4.7
CVE-2016-8474 MEDIUM
Android Kernel 3.10 - Info Disclosure
CVSS 4.7
CVE-2016-8473 MEDIUM
Android Kernel 3.10 - Info Disclosure
CVSS 4.7
Details
Vulnerabilities 10,178
Exploit Likelihood High