CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,182 vulnerabilities with CWE-200
CVE-2016-0783 HIGH
Apache OpenMeetings <3.1.1 - Info Disclosure
CVSS 7.5
CVE-2016-2513 LOW
Django < 1.8.10 and 1.9.x < 1.9.3 - User Enumeration via Timing Attack
CVSS 3.1
CVE-2016-0791 CRITICAL
Jenkins <1.650-1.642.2 - CSRF Bypass
CVSS 9.8
CVE-2016-0790 MEDIUM
Jenkins <1.650-1.642.2 - Info Disclosure
CVSS 5.3
CVE-2016-3973 MEDIUM
SAP NetWeaver Java AS <7.5 - Info Disclosure
CVSS 5.3
CVE-2016-1563 MEDIUM
NetApp Clustered Data ONTAP 8.3.1 - Info Disclosure
CVSS 6.8
CVE-2016-0871 HIGH
Eaton Lighting EG2 Web Control <4.04P - Info Disclosure
CVSS 7.5
CVE-2016-0793 HIGH
WildFly <10.0.0.Final - Info Disclosure
CVSS 7.5
CVE-2016-1787 MEDIUM
Apple OS X Server <5.1 - Info Disclosure
CVSS 5.3
CVE-2016-1786 MEDIUM
WebKit in Apple iOS <9.3 & Safari <9.1 - CSRF
CVSS 5.4
CVE-2016-1785 MEDIUM
Safari < 9.0.3 and iPhone OS < 9.2.1 - Same Origin Policy Bypass via Page Loading Character Encoding
CVSS 6.5
CVE-2016-1780 MEDIUM
iPhone OS < 9.3 - Unauthorized Sensitive Information Exposure via WebKit Hidden Web Views
CVSS 4.3
CVE-2016-1779 MEDIUM
Apple WebKit Geolocation - Same Origin Policy Bypass
CVSS 6.5
CVE-2016-1772 MEDIUM
Apple Safari <9.1 - Info Disclosure
CVSS 4.3
CVE-2016-1764 MEDIUM
Apple OS X <10.11.4 - Info Disclosure
CVSS 4.3
CVE-2016-1758 LOW
Apple iOS <9.3 & OS X <10.11.4 - Info Disclosure/DoS
CVSS 3.3
CVE-2016-1748 LOW
Apple iOS <9.3, OS X <10.11.4, tvOS <9.2, watchOS <2.2 - Info Discl...
CVSS 3.3
CVE-2016-3155 LOW
Siemens APOGEE Insight - Exposure of Sensitive Information via Weak Application Folder Permissions
CVSS 3.4
CVE-2016-1994 MEDIUM
HPE System Management Homepage <7.5.4 - Info Disclosure
CVSS 6.5
CVE-2016-1992 MEDIUM
HPE ArcSight ESM <6.8c-6.9.1 - Info Disclosure
CVSS 6.5
CVE-2016-1967 MEDIUM
Mozilla Firefox <45.0 - Info Disclosure
CVSS 6.5
CVE-2016-1955 MEDIUM
Mozilla Firefox < 44.0.2 - Unauthorized Sensitive Information Exposure via CSP Violation Report
CVSS 4.3
CVE-2016-0831 MEDIUM
Android <5.1.1 LMY49H & <6 - Info Disclosure
CVSS 5.5
CVE-2016-0829 HIGH
Android <4.4.4-2016-03-01 - Info Disclosure
CVSS 7.5
CVE-2016-0828 HIGH
Android <5.1.1 LMY49H & <6.x - Info Disclosure
CVSS 7.5
Details
Vulnerabilities 10,182
Exploit Likelihood High