CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,178 vulnerabilities with CWE-200
CVE-2016-0075 MEDIUM
Microsoft Windows 8.1/10, Server 2012, RT 8.1 - Local Privilege Escalation via Registry API
CVSS 5.5
CVE-2016-0073 MEDIUM
Windows Kernel - Local Privilege Escalation via Registry API Call
CVSS 5.0
CVE-2016-0070 MEDIUM
Microsoft Windows - Unauthorized Registry Information Disclosure via Kernel API
CVSS 5.5
CVE-2016-3946 HIGH
SAP Console <7.30 - Info Disclosure
CVSS 7.8
CVE-2016-7960 LOW
SIMATIC STEP 7 < 13.010 - Exposure of Sensitive Configuration Information via TIA Project File
CVSS 2.5
CVE-2016-8100 MEDIUM
Intel Integrated Performance Primitives < 9.0.3 - RSA Private Key Exposure via Side-Channel Attack
CVSS 5.5
CVE-2016-6689 MEDIUM
Android < 7.0 - Information Exposure via Binder
CVSS 5.5
CVE-2016-6688 MEDIUM
Android < 7.0 - Information Exposure via NVIDIA Profiler
CVSS 5.5
CVE-2016-6687 MEDIUM
Android < 7.0 - Sensitive Information Exposure via NVIDIA Profiler
CVSS 5.5
CVE-2016-6686 MEDIUM
Android < 7.0 - Sensitive Information Exposure via NVIDIA Profiler
CVSS 5.5
CVE-2016-6685 MEDIUM
Android < 7.0 - Information Exposure via Crafted Application
CVSS 5.5
CVE-2016-6684 MEDIUM
Android - Exposure of Sensitive Information via Crafted Application
CVSS 5.5
CVE-2016-6683 MEDIUM
Android < 7.0 - Information Disclosure via Crafted Application
CVSS 5.5
CVE-2016-6682 MEDIUM
Android < 7.0 - Information Disclosure via Uninitialized Data Structures in QDSP6v2 Driver
CVSS 5.5
CVE-2016-6681 MEDIUM
Android < 7.0 - Information Disclosure via Uninitialized Data Structures in QDSP6v2 Driver
CVSS 5.5
CVE-2016-6680 HIGH
Android < 7.0 - Information Disclosure via iw_set_priv ioctl Call
CVSS 7.8
CVE-2016-6679 MEDIUM
Android < 7.0 - Exposure of Sensitive Information via setwpaie ioctl Call
CVSS 5.5
CVE-2016-6678 MEDIUM
Android < 7.0 - Exposure of Sensitive Information via Motorola USBNet Driver
CVSS 5.5
CVE-2016-6677 MEDIUM
Android < 7.0 - Information Exposure via NVIDIA GPU Driver
CVSS 5.5
CVE-2016-3924 MEDIUM
Android <4.4.4, <5.0.2, <5.1.1, <2016-10-01 - Info Disclosure
CVSS 5.5
CVE-2016-3918 MEDIUM
AOSP Mail <4.4.4, <5.0.2, <5.1.1, <2016-10-01 - Info Disclosure
CVSS 5.5
CVE-2016-3902 MEDIUM
Qualcomm IPA <2016-10-05 - Info Disclosure
CVSS 5.5
CVE-2016-3860 MEDIUM
Qualcomm sound driver <2016-10-05 - Info Disclosure
CVSS 5.5
CVE-2016-6653 HIGH
Pivotal Cloud Foundry - Info Disclosure
CVSS 7.5
CVE-2016-6435 MEDIUM
Cisco Firepower Management Center 6.0.1 - Info Disclosure
CVSS 6.5
Details
Vulnerabilities 10,178
Exploit Likelihood High