CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,182 vulnerabilities with CWE-200
CVE-2016-3271 MEDIUM
Microsoft Edge - Information Disclosure via VBScript Engine
CVSS 6.5
CVE-2016-3261 MEDIUM
Microsoft Internet Explorer 11 - Information Disclosure via Crafted Web Site
CVSS 5.3
CVE-2016-3256 MEDIUM
Windows 10 Gold and 1511 - Unauthorized Sensitive Information Exposure via Secure Kernel Mode Bypass
CVSS 5.0
CVE-2016-3255 HIGH
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1 - XML External Entity Injection
CVSS 7.5
CVE-2016-3251 LOW
Windows GDI - Kernel Address Information Disclosure via Crafted Application
CVSS 2.8
CVE-2016-4985 HIGH
OpenStack Ironic < 4.2.5 and 5.x < 5.1.2 - Unauthenticated Sensitive Information Exposure via Vendor Passthru Request
CVSS 7.5
CVE-2016-3816 MEDIUM
Android <2016-07-05 - Info Disclosure
CVSS 5.5
CVE-2016-3815 MEDIUM
NVIDIA Camera Driver - Info Disclosure
CVSS 5.5
CVE-2016-3814 MEDIUM
NVIDIA camera driver <2016-07-05 - Info Disclosure
CVSS 5.5
CVE-2016-3813 MEDIUM
Qualcomm USB driver - Info Disclosure
CVSS 5.5
CVE-2016-3812 MEDIUM
Android <2016-07-05 - Info Disclosure
CVSS 5.5
CVE-2016-3810 MEDIUM
Mediatek Wi-Fi Driver - Info Disclosure
CVSS 5.5
CVE-2016-3809 MEDIUM
Android <2016-07-05 - Info Disclosure
CVSS 5.5
CVE-2016-3765 HIGH
Android 6.x - Information Disclosure and Denial of Service via Crafted Application
CVSS 7.7
CVE-2016-3761 MEDIUM
Android <4.4.4, <5.0.2, <5.1.1, <2016-07-01 - Info Disclosure
CVSS 4.0
CVE-2016-3759 LOW
Android <5.0.2, <5.1.1, <2016-07-01 - Privilege Escalation
CVSS 3.3
CVE-2016-3753 HIGH
Android 4.x before 4.4.4 - Information Disclosure in mediaserver
CVSS 7.5
CVE-2016-0287 HIGH
IBM i Access 7.1 - Exposure of Sensitive Information via Registry Password Discovery
CVSS 7.8
CVE-2016-0252 MEDIUM
IBM Control Center <6.0.0.1-5.4.2.1 - Info Disclosure
CVSS 5.1
CVE-2016-2923 HIGH
IBM WebSphere Application Server 8.5-8.5.5.9 & Liberty <16.0.0.2 - Unauthorized Cookie Access
CVSS 7.5
CVE-2016-0389 MEDIUM
IBM WebSphere Application Server 8.5.5.2-8.5.5.9 - Exposure of Sensitive Information via Admin Center
CVSS 5.3
CVE-2016-5097 MEDIUM
Opensuse < 4.6.1 - Information Disclosure
CVSS 5.3
CVE-2016-5849 LOW
Siemens SICAM PAS <8.07 - Info Disclosure
CVSS 2.5
CVE-2016-5848 MEDIUM
Siemens SICAM PAS <8.07 - Info Disclosure
CVSS 6.7
CVE-2016-0899 MEDIUM
EMC RSA Archer GRC <5.5.3.4 - Info Disclosure
CVSS 6.3
Details
Vulnerabilities 10,182
Exploit Likelihood High