CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,182 vulnerabilities with CWE-200
CVE-2016-0825 MEDIUM
Android 6.0.1 - Exposure of Sensitive TrustZone Secure-Storage Information via Kernel Access
CVSS 5.3
CVE-2016-0824 MEDIUM
Android 6.x - Exposure of Sensitive Information via Crafted Bitstream Data
CVSS 5.3
CVE-2016-0823 MEDIUM
Linux kernel <3.19.3 - Info Disclosure
CVSS 4.0
CVE-2016-1562 MEDIUM
DTE Energy Insight <1.7.8 - Info Disclosure
CVSS 4.3
CVE-2016-1360 HIGH
Cisco Prime LMS <4.2.5 - Info Disclosure
CVSS 7.1
CVE-2016-0886 MEDIUM
EMC Documentum xCP <2.1-2.2 - Info Disclosure
CVSS 4.3
CVE-2016-1325 HIGH
Cisco DPC3939B/DPC3941 - Info Disclosure
CVSS 7.5
CVE-2016-0125 LOW
Microsoft Edge - Information Disclosure via Referer Policy Mishandling
CVSS 3.1
CVE-2016-2845 MEDIUM
Google Chrome < 48.0.2564.116 - Sensitive Information Exposure via CSP Violation Reports
CVSS 5.3
CVE-2016-1637 MEDIUM
Skia <49.0.2623.75 - Info Disclosure
CVSS 6.5
CVE-2016-2244 MEDIUM
HP FutureSmart Firmware < 3.7 - Exposure of Sensitive Information
CVSS 5.9
CVE-2016-1357 MEDIUM
Cisco Policy Suite <7.5.0 - Auth Bypass
CVSS 5.3
CVE-2016-0702 MEDIUM
OpenSSL <1.0.1s-1.0.2g - Info Disclosure
CVSS 5.1
CVE-2016-0704 MEDIUM
OpenSSL < 0.9.8ze - Exposure of Sensitive Information via SSLv2 Export Cipher Suite
CVSS 5.9
CVE-2016-0703 MEDIUM
OpenSSL < 0.9.8zf, 1.0.0 < 1.0.0r, 1.0.1 < 1.0.1m, 1.0.2 < 1.0.2a - SSLv2 CLIENT-MASTER-KEY Info Exposure
CVSS 5.9
CVE-2016-0800 MEDIUM
OpenSSL <1.0.1s, 1.0.2 before 1.0.2g - RCE
CVSS 5.9
CVE-2016-0225 MEDIUM
IBM WebSphere Commerce <7.0.0.9 - Info Disclosure
CVSS 4.9
CVE-2016-1342 MEDIUM
Cisco FirePOWER Mgmt Ctr <6.0.0.1 - Info Disclosure
CVSS 5.3
CVE-2016-0706 MEDIUM
Apache Tomcat <6.0.45-9.0.0.M2 - Auth Bypass
CVSS 4.3
CVE-2016-0724 MEDIUM
Moodle < 2.6.11, 2.7.x < 2.7.12, 2.8.x < 2.8.10, 2.9.x < 2.9.4, 3.0.x < 3.0.2 - Information Disclosure
CVSS 4.3
CVE-2016-2044 MEDIUM
phpMyAdmin <4.5.4 - Info Disclosure
CVSS 5.3
CVE-2016-2042 MEDIUM
phpMyAdmin <4.4.15.3-4.5.4 - Info Disclosure
CVSS 5.3
CVE-2016-2039 MEDIUM
phpMyAdmin <4.0.10.13, <4.4.15.3, <4.5.4 - CSRF
CVSS 5.3
CVE-2016-2038 MEDIUM
phpMyAdmin <4.0.10.13, <4.4.15.3, <4.5.4 - Info Disclosure
CVSS 5.3
CVE-2016-2509 MEDIUM
Belden Hirschmann Firmware < 09.0.05 - Information Disclosure
CVSS 5.3
Details
Vulnerabilities 10,182
Exploit Likelihood High