CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2016-5565 HIGH
Oracle Hospitality OPERA - Info Disclosure
CVSS 7.7
CVE-2016-5524 MEDIUM
Oracle Agile PLM 9.3.4-9.3.5 - Exposure of Sensitive Information
CVSS 5.3
CVE-2016-5522 MEDIUM
Oracle Agile PLM 9.3.4-9.3.5 - Authenticated Exposure of Sensitive Information
CVSS 4.3
CVE-2016-5513 MEDIUM
Oracle Agile PLM 9.3.4-9.3.5 - Authenticated Exposure of Sensitive Information via File Manager
CVSS 4.3
CVE-2016-5510 MEDIUM
Oracle Agile PLM 9.3.4-9.3.5 - Exposure of Sensitive Information
CVSS 5.3
CVE-2016-5508 LOW
Solaris Cluster 4.3 - Exposure of Sensitive Information via Cluster Geo
CVSS 3.3
CVE-2016-5505 MEDIUM
Oracle Database Server 11.2.0.4 and 12.1.0.2 - Exposure of Sensitive Information in RDBMS Programmable Interface
CVSS 5.5
CVE-2016-5504 MEDIUM
Oracle Agile PLM for Process 6.1.0.4/6.1.1.6/6.2.0.0 - Sensitive Information Exposure via Supplier Portal
CVSS 4.1
CVE-2016-5500 HIGH
Oracle Discoverer 11.1.1.7.0 - Exposure of Sensitive Information via Viewer
CVSS 7.5
CVE-2016-5498 LOW
Oracle Database Server 11.2.0.4 and 12.1.0.2 - Exposure of Sensitive Information in RDBMS Security
CVSS 3.3
CVE-2016-5495 HIGH
Oracle Discoverer 11.1.1.7.0 - Exposure of Sensitive Information via EUL Code & Schema
CVSS 7.5
CVE-2016-5481 LOW
Sun ZFS Storage Appliance Kit AK 2013 - Exposure of Sensitive Information via Core Services
CVSS 3.7
CVE-2016-5479 MEDIUM
Oracle FLEXCUBE Universal Banking 11.3.0, 11.4.0, 12.0.1 - Authenticated Exposure of Sensitive Information
CVSS 4.3
CVE-2016-3562 LOW
Oracle Database Server <12.1.0.2 - Info Disclosure
CVSS 2.4
CVE-2016-3473 HIGH
Oracle BI Publisher - Info Disclosure
CVSS 7.7
CVE-2016-1000214 MEDIUM
Ruckus Wireless H500 - Exposure of Sensitive Information via Authentication Bypass
CVSS 5.3
CVE-2016-0377 MEDIUM
IBM WebSphere Application Server <7.0.0.43, <8.0.0.13, <8.5.5.10 - ...
CVSS 4.3
CVE-2016-0247 HIGH
IBM Security Guardium <10.1 - Info Disclosure
CVSS 7.8
CVE-2016-0242 MEDIUM
IBM Security Guardium <10.1 - Info Disclosure
CVSS 4.3
CVE-2016-3391 MEDIUM
Microsoft Internet Explorer 10-11 and Edge - Credential Exposure via Memory Dump
CVSS 5.3
CVE-2016-3267 MEDIUM
Microsoft Internet Explorer 9-11 and Edge - Information Disclosure via Crafted Web Site
CVSS 5.3
CVE-2016-3263 MEDIUM
Microsoft Windows and Office Products - ASLR Bypass via GDI+ Information Disclosure
CVSS 5.5
CVE-2016-3262 MEDIUM
Microsoft Live Meeting - Information Disclosure
CVSS 5.5
CVE-2016-3209 MEDIUM
Microsoft Windows and Office - ASLR Bypass via TrueType Font Parsing
CVSS 5.5
CVE-2016-0079 MEDIUM
Windows 10 Gold, 1511, and 1607 - Local Privilege Escalation via Registry API Call
CVSS 5.0
Details
Vulnerabilities 10,178
Exploit Likelihood High