CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,182 vulnerabilities with CWE-200
CVE-2016-2294
HIGH
Acuvim II and IIR NET Firmware < 3.08 - Unauthenticated Cleartext Mail-Server Password Exposure
CVSS 7.5
CVE-2016-3688
MEDIUM
dotcms < 3.3.1 - SQL Injection via UserAjax.getUsersList.dwr c0-e3 Parameter
CVSS 6.5
CVE-2016-1658
MEDIUM
Google Chrome < 49.0.2623.112 - Unauthenticated Exposure of Sensitive Information via Extension Origin Comparison Bypass
CVSS 4.3
CVE-2016-1651
HIGH
Google Chrome <50.0.2661.75 - Info Disclosure/DoS
CVSS 8.1
CVE-2016-2427
MEDIUM
bouncycastle bc-java - Exposure of Sensitive Information via AES-GCM Authentication Tag Size
CVSS 5.5
CVE-2016-2426
MEDIUM
Android < 4.4.4/5.0.2/5.1.1/2016-04-01 - Unauthorized Sensitive Information Exposure via ContentService
CVSS 5.5
CVE-2016-2425
MEDIUM
Android 4.x-5.1.x and 6.x before 2016-04-01 - Unauthorized Sensitive Information Exposure via File Attachment Handling
CVSS 5.5
CVE-2016-2415
MEDIUM
Android 5.0.x-5.0.1, 5.1.x-5.1.0, 6.x < 2016-04-01 - Exposure of Sensitive Information via Spoofed Autodiscover Response
CVSS 5.5
CVE-2016-2212
MEDIUM
Magento < 1.9.2.2 and < 1.14.2.2 - Exposure of Sensitive Order Information via RSS Feed Request
CVSS 5.3
CVE-2016-1378
MEDIUM
Cisco IOS <15.2(2)E1 - Info Disclosure
CVSS 5.3
CVE-2016-0787
MEDIUM
libssh2 <1.7.0 - Info Disclosure
CVSS 5.9
CVE-2016-0739
MEDIUM
libssh <0.7.3 - Info Disclosure
CVSS 5.9
CVE-2016-3686
MEDIUM
F5 BIG-IP APM <11.6.0 HF6 & Edge Gateway <11.3.0 - Info Disclosure
CVSS 5.9
CVE-2016-3159
LOW
Oracle VM Server - Information Disclosure via FPU Register Handling
CVSS 3.8
CVE-2016-3158
LOW
Xen < 4.4.0 - Unauthorized Sensitive Information Exposure via xrstor Function
CVSS 3.8
CVE-2016-2084
HIGH
F5 BIG-IP and BIG-IQ - Exposure of Sensitive Information via Improper Certificate Regeneration
CVSS 7.4
CVE-2016-2055
HIGH
Xymon Daemon Gather Information
CVSS 7.5
CVE-2016-1035
HIGH
Adobe RoboHelp Server 9 - Exposure of Sensitive Information via SQL Query Mishandling
CVSS 7.5
CVE-2016-0887
MEDIUM
EMC RSA BSAFE - Info Disclosure
CVSS 5.9
CVE-2016-0090
HIGH
Hyper-V in Windows 8.1, Windows Server 2012 R2, and Windows 10 - Information Disclosure via Guest OS Application
CVSS 7.1
CVE-2016-0089
HIGH
Hyper-V in Windows 8.1, Windows Server 2012, and Windows 10 - Information Disclosure via Guest OS Application
CVSS 7.1
CVE-2016-3170
MEDIUM
Debian Linux < 7.43 - Information Disclosure
CVSS 5.3
CVE-2016-2166
MEDIUM
Apache Qpid Proton < 0.12.1 - Unencrypted Connection for AMQPS URI Scheme
CVSS 6.5
CVE-2016-2140
MEDIUM
OpenStack Nova < 12.0.3 - Authenticated Arbitrary File Read via Crafted qcow2 Header
CVSS 5.3
CVE-2016-2164
HIGH
Apache OpenMeetings < 3.1.1 - Arbitrary File Read via FileService SOAP API
CVSS 7.5
Details
Vulnerabilities
10,182
Exploit Likelihood
High