CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,178 vulnerabilities with CWE-200
CVE-2016-2830
MEDIUM
Firefox < 48.0 and Firefox ESR 45.x < 45.3 - User Tracking via Favicon Connection Reuse
CVSS 4.3
CVE-2016-5137
MEDIUM
Google Chrome < 51.0.2704.106 - HSTS Site Visit Detection via CSP Scheme Mismatch
CVSS 4.3
CVE-2016-5134
HIGH
Google Chrome < 51.0.2704.106 - Credential Exposure via Proxy Auto-Config Script
CVSS 8.8
CVE-2016-5744
HIGH
Siemens SIMATIC WinCC <7.2 - Info Disclosure
CVSS 7.5
CVE-2016-4648
MEDIUM
macOS < 10.11.6 - Unauthorized Sensitive Information Exposure via Audio Component
CVSS 5.5
CVE-2016-4646
MEDIUM
macOS < 10.11.6 - Unauthorized Information Exposure via Crafted Audio File
CVSS 6.5
CVE-2016-4645
LOW
macOS < 10.11.6 - Unprotected User Data Exposure via CFNetwork Cookie Permissions
CVSS 3.3
CVE-2016-4635
MEDIUM
iPhone OS < 9.3.3 and macOS < 10.11.6 - Sensitive Audio Information Exposure via FaceTime Call Spoofing
CVSS 5.3
CVE-2016-4628
MEDIUM
iPhone OS < 9.3.2 and watchOS < 2.2.1 - Out-of-bounds Read in IOAcceleratorFamily
CVSS 5.5
CVE-2016-4595
MEDIUM
macOS < 10.11.6 - Password Exposure via Safari Login AutoFill
CVSS 4.6
CVE-2016-4593
LOW
iPhone OS < 9.3.3 - Unauthenticated Exposure of Sensitive Contact Information via Siri
CVSS 2.4
CVE-2016-0393
MEDIUM
IBM Maximo Asset Management <7.5.0.10-TIV-MBS-IFIX002, <7.6.0.5-TIV...
CVSS 5.3
CVE-2016-0321
MEDIUM
IBM Personal Communications <6.0.17-12.0.0.1 - Info Disclosure
CVSS 6.2
CVE-2016-2865
MEDIUM
IBM Rational Team Concert and Collaborative Lifecycle Management - Exposure of Sensitive Information via GIT Integration
CVSS 6.5
CVE-2016-0338
MEDIUM
IBM Security Identity Manager Virtual Appliance <7.0.1.1 - Info Dis...
CVSS 6.2
CVE-2016-5797
MEDIUM
Tollgrade LightHouse SMS <5.1-3 - Info Disclosure
CVSS 5.3
CVE-2016-1452
MEDIUM
Cisco ASR 5000 <20.0.0 - Privilege Escalation
CVSS 6.5
CVE-2016-3100
HIGH
Opensuse Leap < 5.22.0 - Information Disclosure
CVSS 8.4
CVE-2016-3277
MEDIUM
Microsoft Edge and Internet Explorer - Information Disclosure via Crafted Web Site
CVSS 5.3
CVE-2016-3273
MEDIUM
Microsoft Edge and Internet Explorer 9-11 - Information Disclosure via XSS Filter Bypass
CVSS 5.3
CVE-2016-3272
LOW
Windows Kernel - Information Disclosure via Page-Fault System Call
CVSS 2.8
CVE-2016-3271
MEDIUM
Microsoft Edge - Information Disclosure via VBScript Engine
CVSS 6.5
CVE-2016-3261
MEDIUM
Microsoft Internet Explorer 11 - Information Disclosure via Crafted Web Site
CVSS 5.3
CVE-2016-3256
MEDIUM
Windows 10 Gold and 1511 - Unauthorized Sensitive Information Exposure via Secure Kernel Mode Bypass
CVSS 5.0
CVE-2016-3255
HIGH
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1 - XML External Entity Injection
CVSS 7.5
Details
Vulnerabilities
10,178
Exploit Likelihood
High