CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,182 vulnerabilities with CWE-200
CVE-2016-2894
LOW
IBM Spectrum Protect 5.5-6.3 < 6.3.2.6, 6.4 < 6.4.3.3, 7.1 < 7.1.6 - Unauthorized Sensitive Data Exposure via Symlink
CVSS 2.5
CVE-2016-1337
HIGH
Cisco EPC3928 Firmware - Unauthenticated Sensitive Information Exposure via Boot Process Requests
CVSS 8.1
CVE-2016-5739
HIGH
phpMyAdmin <4.0.10.16, <4.4.15.7, <4.6.3 - CSRF
CVSS 7.5
CVE-2016-5730
MEDIUM
phpMyAdmin <4.0.10.16, <4.4.15.7, <4.6.3 - Info Disclosure
CVSS 5.3
CVE-2016-2079
MEDIUM
VMware NSX Edge 6.1-6.1.7 and 6.2-6.2.3 and vCNS Edge 5.5-5.5.4.3 - Exposure of Sensitive Information via SSL-VPN
CVSS 5.9
CVE-2016-3956
HIGH
npm <2.15.1,3.x <3.8.3 - Info Disclosure
CVSS 7.5
CVE-2016-2961
MEDIUM
IBM Integration Bus 9-10 and WebSphere Message Broker 8 - Sensitive Information Exposure via Malformed POST Request
CVSS 5.3
CVE-2016-2882
MEDIUM
IBM TRIRIGA 3.3-3.3.2.5, 3.4-3.4.2.3, 3.5-3.5.0.1 - Sensitive Info Exposure via HTTP
CVSS 4.3
CVE-2016-2861
LOW
IBM WebSphere eXtreme Scale Sensitive Information Exposure via Improper Data Encryption
CVSS 3.7
CVE-2016-0365
MEDIUM
IBM UrbanCode Deploy <6.0.1.13, <6.1.3.3, <6.2.1.1 - Auth Bypass
CVSS 5.9
CVE-2016-0364
MEDIUM
IBM UrbanCode Deploy <6.0.1.13-6.2.1.1 - Info Disclosure
CVSS 4.3
CVE-2016-5306
MEDIUM
Symantec Endpoint Protection Manager < 12.1.6 - Exposure of Sensitive Information via Missing HSTS Enforcement
CVSS 5.3
CVE-2016-3651
HIGH
Symantec Endpoint Protection Manager <12.1 - Info Disclosure
CVSS 8.0
CVE-2016-3650
HIGH
Symantec Endpoint Protection Manager <12.1 - Info Disclosure
CVSS 8.8
CVE-2016-3649
MEDIUM
Symantec Endpoint Protection Manager <12.1 - Info Disclosure
CVSS 4.3
CVE-2016-3648
HIGH
Symantec Endpoint Protection Manager <12.1 - Auth Bypass
CVSS 8.8
CVE-2016-4474
HIGH
Red Hat OpenStack Platform 8.0 & RHEL OpenStack 7.0 - Default Root Password Exposure
CVSS 8.8
CVE-2016-5835
HIGH
WordPress < 4.5.2 - Exposure of Sensitive Revision-History Information via Post Reading
CVSS 7.5
CVE-2016-0298
MEDIUM
IBM Security Guardium Database Activity Monitor <10 - Path Traversal
CVSS 6.5
CVE-2016-0267
HIGH
IBM UrbanCode Deploy <6.0.1.13-6.2.1.1 - Info Disclosure
CVSS 7.7
CVE-2016-5244
HIGH
Fedora < 4.6.3 - Information Disclosure
CVSS 7.5
CVE-2016-5243
MEDIUM
Linux Kernel < 4.6.3 - Information Disclosure via TIPC Netlink Message Handling
CVSS 5.5
CVE-2016-0259
LOW
IBM WebSphere MQ <8.0.0.5 - Auth Bypass
CVSS 2.5
CVE-2016-1193
HIGH
Cybozu Garoon <4.2 - Info Disclosure
CVSS 7.5
CVE-2016-5722
HIGH
Huawei OceanStor V3 < V300R003C10 - Plaintext Session Token Exposure
CVSS 7.3
Details
Vulnerabilities
10,182
Exploit Likelihood
High