CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2016-7204 LOW
Microsoft Edge - Unauthorized File Access via Crafted Web Site
CVSS 3.1
CVE-2016-7199 LOW
Microsoft Internet Explorer 9-11 and Edge - Same Origin Policy Bypass via Window State Information Disclosure
CVSS 3.1
CVE-2016-7386 MEDIUM
NVIDIA GPU Driver R340 < 342.00 and R375 < 375.63 - Kernel Memory Leak via DxgDdiEscape Handler
CVSS 5.5
CVE-2016-9185 MEDIUM
OpenStack Heat <=5.0.3, >=6.0.0 <=6.1.0, ==7.0.0 - SSRF
CVSS 4.3
CVE-2016-9184 HIGH
Exponent CMS 2.4.0 - SQL Injection and Information Disclosure via Table Name Manipulation
CVSS 7.5
CVE-2016-9183 HIGH
Exponent CMS 2.4.0 - Info Disclosure
CVSS 7.5
CVE-2016-9135 HIGH
Exponent CMS 2.3.9 - SQL Injection in Help Controller Version Parameter
CVSS 7.5
CVE-2016-9134 HIGH
Exponent CMS 2.3.9 - SQL Injection in expPaginator.php Order Parameter
CVSS 7.5
CVE-2016-9086 MEDIUM
GitLab 8.9.0-8.13.2 - Authenticated Sensitive Information Exposure via Project Import/Export
CVSS 6.5
CVE-2016-9017 HIGH
Artifex MuJS < 5c337af4b3df80cf967e4f9f6a21522de84b392a - Out-of-Bounds Read in jsC_dumpfunction
CVSS 7.5
CVE-2016-8889 MEDIUM
Bitcoin Knots <0.13.0 - Info Disclosure
CVSS 6.2
CVE-2016-8871 MEDIUM
Botan 1.11.29-1.11.32 - Timing Side Channel in RSA OAEP Decryption
CVSS 6.2
CVE-2016-7919 HIGH
Moodle 3.1.2 - Exposure of Sensitive Information via SQL Injection in Installation Process
CVSS 7.5
CVE-2016-6446 HIGH
Cisco Meeting Server - Info Disclosure
CVSS 7.5
CVE-2016-8295 MEDIUM
Oracle PeopleSoft Products 9.2 - Info Disclosure
CVSS 4.3
CVE-2016-8294 MEDIUM
Oracle PeopleSoft <8.54-8.55 - Info Disclosure
CVSS 4.3
CVE-2016-8286 LOW
Oracle MySQL <5.7.14 - Privilege Escalation
CVSS 3.1
CVE-2016-5621 MEDIUM
Oracle FLEXCUBE Universal Banking - Info Disclosure
CVSS 4.3
CVE-2016-5618 LOW
Oracle Fusion Middleware - Confidentiality
CVSS 3.1
CVE-2016-5611 MEDIUM
Oracle VM VirtualBox <5.0.28, <5.1.8 - Info Disclosure
CVSS 4.3
CVE-2016-5603 MEDIUM
Oracle FLEXCUBE Universal Banking - Info Disclosure
CVSS 4.3
CVE-2016-5602 MEDIUM
Oracle Data Integrator - Confidentiality
CVSS 5.7
CVE-2016-5597 MEDIUM
Oracle JDK and JRE - Exposure of Sensitive Information via Networking
CVSS 5.9
CVE-2016-5596 MEDIUM
Oracle E-Business Suite <12.2.6 - Info Disclosure
CVSS 4.3
CVE-2016-5575 MEDIUM
Oracle E-Business Suite <12.2.7 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 10,178
Exploit Likelihood High