CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,182 vulnerabilities with CWE-200
CVE-2016-5709 MEDIUM
SolarWinds Virtualization Manager <6.3.1 - Info Disclosure
CVSS 4.7
CVE-2016-5021 MEDIUM
F5 BIG-IP and BIG-IQ - Authenticated Sensitive Information Exposure via iControl REST Service
CVSS 4.9
CVE-2016-1864 MEDIUM
Safari < 9.0.3 - Exposure of Sensitive Information via XSS Auditor Redirect Handling
CVSS 4.3
CVE-2016-1862 LOW
Intel Graphics Driver <10.11.5 - Info Disclosure
CVSS 3.3
CVE-2016-1860 LOW
Intel Graphics Driver <10.11.5 - Info Disclosure
CVSS 3.3
CVE-2016-1196 MEDIUM
Cybozu Garoon 3.x and 4.x < 4.2.1 - Authenticated Sensitive Information Exposure via Address Book API
CVSS 4.3
CVE-2016-1192 MEDIUM
Cybozu Garoon <4.2 - Path Traversal
CVSS 4.3
CVE-2016-1225 MEDIUM
Trend Micro Internet Security <8,10 - Info Disclosure
CVSS 6.5
CVE-2016-4816 MEDIUM
BUFFALO WZR-600DHP3 Firmware <= 2.16 - Exposure of Sensitive Information
CVSS 6.5
CVE-2016-1427 HIGH
Cisco Prime Network Registrar <8.2.3.1-8.3.2 - Info Disclosure
CVSS 7.5
CVE-2016-3234 MEDIUM
Microsoft Office - Information Disclosure via Crafted Office Document
CVSS 5.5
CVE-2016-3232 MEDIUM
Windows Server 2012 - Information Disclosure via Virtual PCI Uninitialized Memory
CVSS 5.0
CVE-2016-3216 MEDIUM
Windows GDI32.dll - ASLR Bypass via Graphics Component Information Disclosure
CVSS 4.3
CVE-2016-3215 MEDIUM
Microsoft Windows and Edge - Information Disclosure via PDF Processing
CVSS 5.5
CVE-2016-3201 MEDIUM
Microsoft Edge and Windows - Information Disclosure via Crafted PDF Document
CVSS 6.5
CVE-2016-0028 MEDIUM
Microsoft Exchange Server 2013/2016 - Sensitive Information Exposure via IMG Element
CVSS 5.5
CVE-2016-5367 HIGH
Huawei Honor WS851 Firmware < 1.1.21.1 - Exposure of Sensitive Information
CVSS 7.5
CVE-2016-2832 MEDIUM
Canonical Ubuntu Linux < 46.0.1 - Information Disclosure
CVSS 4.3
CVE-2016-2500 MEDIUM
Android 5.0.x-5.0.2 5.1.x-5.1.1 6.x-2016-06-01 - Sensitive Information Exposure via Activity Manager
CVSS 5.5
CVE-2016-2499 MEDIUM
Android 4.x-5.1.x and 6.x before 2016-06-01 - Information Exposure via Uninitialized Data in AudioSource
CVSS 5.5
CVE-2016-2498 MEDIUM
Android Qualcomm Wi-Fi Driver - Unauthorized Data Access via Crafted Application
CVSS 5.5
CVE-2016-5233 LOW
Huawei Mate 8 Firmware - Sensitive Subscriber Signal Strength Exposure via Improper Verification
CVSS 3.7
CVE-2016-4516 LOW
ABB PCM600 < 2.6 - Local Sensitive Information Exposure via Password Storage
CVSS 3.3
CVE-2016-1582 MEDIUM
LXD <2.0.2 - Privilege Escalation
CVSS 5.5
CVE-2016-3711 LOW
Red Hat OpenShift Enterprise 3.2 and OpenShift Origin - Exposure of Sensitive Information via Cookie
CVSS 3.3
Details
Vulnerabilities 10,182
Exploit Likelihood High