CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,178 vulnerabilities with CWE-200
CVE-2016-4752
MEDIUM
macOS < 10.12 - Sensitive Information Exposure via SecKeyDeriveFromPassword Memory Handling
CVSS 5.5
CVE-2016-4745
MEDIUM
macOS < 10.12 - User Account Enumeration via Kerberos PAM Timing Side-Channel
CVSS 5.3
CVE-2016-4742
MEDIUM
macOS < 10.11.6 - Credential Exposure via NSSecureTextField
CVSS 5.5
CVE-2016-4739
LOW
macOS < 10.11.6 - Unintended DNS Query Exposure via mDNSResponder
CVSS 3.7
CVE-2016-4715
LOW
macOS < 10.11.6 - Unauthorized User Location Exposure via Date & Time Pref Pane
CVSS 3.3
CVE-2016-4713
MEDIUM
macOS < 10.12 - Unauthorized User Screen Exposure via CoreDisplay
CVSS 5.3
CVE-2016-4711
HIGH
Apple iOS <9.3.5 and macOS <10.11.6 - Cleartext Information Exposure via CCrypt Buffer Overlap
CVSS 7.5
CVE-2016-4708
MEDIUM
Apple iOS < 10, macOS < 10.12, tvOS < 10, watchOS < 3 - Information Disclosure via Set-Cookie Header Mispersing
CVSS 6.5
CVE-2016-4707
MEDIUM
Apple iOS < 10 and OS X < 10.12 - Local Storage Information Disclosure
CVSS 4.0
CVE-2016-0918
MEDIUM
EMC RSA <6.8.1-6.9.1 - Info Disclosure
CVSS 4.3
CVE-2016-5282
MEDIUM
Firefox < 48.0.2 - Information Exposure via Favicon Request Scheme
CVSS 6.5
CVE-2016-5279
MEDIUM
Firefox < 48.0.2 - Exposure of Sensitive Information via Local File Drag-and-Drop
CVSS 4.3
CVE-2016-4968
MEDIUM
FortiWan < 4.2.5 - Authenticated Administrator Cookie Exposure via linkreport/tmp/admin_global
CVSS 6.5
CVE-2016-4967
MEDIUM
FortiWan < 4.2.4 - Authenticated Sensitive Information Exposure via Configuration Backup or PCAP Download
CVSS 6.5
CVE-2016-0904
HIGH
EMC Avamar Server <7.3.0-233 - Info Disclosure
CVSS 8.6
CVE-2016-0903
CRITICAL
EMC Avamar Server <7.3.0-233 - Info Disclosure
CVSS 9.1
CVE-2016-6537
HIGH
AVer Information EH6108H+ - Info Disclosure
CVSS 7.5
CVE-2016-6415
HIGH
KEV
Cisco IKE Information Disclosure
CVSS 7.5
CVE-2016-0870
MEDIUM
Trane Tracer SC <4.2.1134 - Info Disclosure
CVSS 5.3
CVE-2016-4749
LOW
iPhone OS < 9.3.5 - Unauthorized Sensitive Information Exposure via AirPrint Preview Temporary File
CVSS 3.3
CVE-2016-4747
LOW
iPhone OS < 9.3.5 - Mail Credential Exposure via Certificate Mishandling
CVSS 3.7
CVE-2016-4746
MEDIUM
iPhone OS < 9.3.5 - Unintended Information Exposure via Keyboard Auto-Correct Cache
CVSS 5.3
CVE-2016-4740
LOW
iPhone OS < 9.3.5 - Unauthorized Sensitive Information Exposure via Handoff for Messages
CVSS 2.9
CVE-2016-4719
MEDIUM
watchOS < 2.2 - Unauthorized Physical Location Exposure via GeoServices PlaceData
CVSS 5.5
CVE-2016-4620
LOW
iPhone OS < 9.3.5 - Unauthorized SMS Draft Directory Metadata Access
CVSS 3.3
Details
Vulnerabilities
10,178
Exploit Likelihood
High