CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,178 vulnerabilities with CWE-200
CVE-2016-4806
HIGH
web2py < 2.14.5 - Local File Inclusion
CVSS 7.5
CVE-2016-9885
CRITICAL
GemFire for PCF 1.6.x < 1.6.5 and 1.7.x < 1.7.1 - Unauthenticated Exposure of Sensitive Information via gfsh Endpoint
CVSS 9.8
CVE-2016-4306
MEDIUM
Kaspersky Internet Security KLDISK - Info Disclosure
CVSS 5.5
CVE-2016-2380
LOW
Pidgin < 2.10.12 - Out-of-bounds Read in MXIT Protocol Handler
CVSS 3.1
CVE-2016-2374
HIGH
Pidgin < 2.10.12 - Memory Corruption via MXIT MultiMX Message Handling
CVSS 8.1
CVE-2016-2372
MEDIUM
Pidgin < 2.10.12 - Out-of-bounds Read in MXIT Protocol File Transfer
CVSS 5.9
CVE-2016-2367
MEDIUM
Pidgin < 2.10.12 - Out-of-bounds Read in MXIT Avatar Handling
CVSS 5.9
CVE-2016-1550
MEDIUM
ntp 4.2.8p4 and NTPSec a5fb34b - Exposure of Sensitive Information via Message Authentication
CVSS 5.3
CVE-2016-10105
CRITICAL
Piwigo < 2.8.3 - Unauthenticated Exposure of Sensitive Information via admin/plugin.php
CVSS 9.8
CVE-2016-6859
MEDIUM
SAP Hybris - Information Disclosure via Java Stack Trace
CVSS 4.3
CVE-2016-9845
MEDIUM
QEMU < 2.8.0 - Information Disclosure via Virtio GPU Device Emulator
CVSS 6.5
CVE-2016-5329
MEDIUM
VMware Fusion 8.x - Unauthorized Kernel Memory Address Exposure via kASLR Bypass
CVSS 5.5
CVE-2016-5328
MEDIUM
Vmware Tools < 10.0.8 - Information Disclosure
CVSS 5.5
CVE-2016-9756
MEDIUM
Linux Kernel < 4.8.12 - Information Disclosure via Uninitialized Code Segment
CVSS 5.5
CVE-2016-9908
LOW
Qemu < 2.8.1.1 - Information Disclosure via Virtio GPU Device Capset Command
CVSS 3.3
CVE-2016-6910
MEDIUM
Android 5.0.2-6.0.1 on Samsung Galaxy S6 Edge - Unauthorized Notification Access via Non-Existent Listener
CVSS 5.5
CVE-2016-7555
MEDIUM
FFmpeg < 3.1.3 - Memory Leak in AVI Decoder via Crafted strh Structure
CVSS 5.5
CVE-2016-7091
MEDIUM
Red Hat Enterprise Linux - Unauthorized Information Exposure via INPUTRC Environment Variable
CVSS 4.4
CVE-2016-7172
HIGH
NetApp Snap Creator Framework < 4.3.0 - Exposure of Sensitive Information
CVSS 7.5
CVE-2016-7295
MEDIUM
Windows CLFS Driver - Unauthorized Memory Information Disclosure via Crafted Application
CVSS 5.5
CVE-2016-7284
MEDIUM
Microsoft Internet Explorer 10 and 11 - Information Disclosure via Crafted Web Site
CVSS 4.3
CVE-2016-7278
MEDIUM
Microsoft Internet Explorer 9-11 - Information Disclosure via Crafted Web Site
CVSS 5.3
CVE-2016-7258
MEDIUM
Windows 10 and Windows Server 2016 - Kernel Memory Address Information Disclosure via Page-Fault System Call
CVSS 5.5
CVE-2016-7257
MEDIUM
Office for Mac - Information Disclosure via GDI Component
CVSS 6.5
CVE-2016-7219
MEDIUM
Microsoft Windows Crypto Driver - Information Disclosure via Crafted Application
CVSS 5.5
Details
Vulnerabilities
10,178
Exploit Likelihood
High