CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,182 vulnerabilities with CWE-200
CVE-2016-2388 MEDIUM KEV
SAP NetWeaver AS JAVA 7.10-7.50 - Exposure of Sensitive Information via Universal Worklist Configuration
CVSS 5.3
CVE-2016-1321 MEDIUM
Cisco Universal Small Cell - Info Disclosure
CVSS 5.8
CVE-2016-0232 MEDIUM
IBM Financial Transaction Manager 3.0.0 - Authenticated Sensitive Information Exposure via README Files
CVSS 4.3
CVE-2016-0231 MEDIUM
IBM Financial Transaction Manager 3.0.0 - Authenticated Sensitive Information Exposure via Error Log Exception Details
CVSS 4.3
CVE-2016-0701 LOW
OpenSSL 1.0.2 - Exposure of Sensitive Information via DH Key Exchange
CVSS 3.7
CVE-2016-1526 HIGH
Mozilla Firefox <43.0 & ESR 38.x <38.6.1 - Info Disclosure
CVSS 8.1
CVE-2016-0864 MEDIUM
Tollgrade SMS <5.1 - Info Disclosure
CVSS 5.3
CVE-2016-1323 MEDIUM
Cisco Spark 2015-06 - Info Disclosure
CVSS 4.3
CVE-2016-0958 HIGH
Adobe Experience Manager <6.1.0 - Info Disclosure
CVSS 7.5
CVE-2016-0956 HIGH
Apache Sling 2.3.6 - Info Disclosure
CVSS 7.5
CVE-2016-0080 MEDIUM
Microsoft Edge - ASLR Bypass via Window Message Exception Handling
CVSS 4.3
CVE-2016-0059 MEDIUM
Internet Explorer 9-11 - Information Disclosure via Crafted URL in Email or Office Document
CVSS 4.3
CVE-2016-0047 HIGH
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1 - Information Disclosure via Crafted Icon Data
CVSS 7.5
CVE-2016-1319 MEDIUM
Cisco - Info Disclosure
CVSS 5.3
CVE-2016-1317 MEDIUM
Cisco Unified Communications Manager 11.5 - Info Disclosure
CVSS 4.3
CVE-2016-1316 MEDIUM
Cisco VCS X8.1-X8.7 - Info Disclosure
CVSS 5.3
CVE-2016-0723 MEDIUM
Linux kernel <4.4.1 - Info Disclosure/DoS
CVSS 6.8
CVE-2016-0811 HIGH
Android 6.x - Exposure of Sensitive Information via Integer Overflow in BnCrypto::onTransact
CVSS 7.5
CVE-2016-0862 MEDIUM
General Electric GE Industrial Solutions UPS SNMP/Web Adapter <4.8 ...
CVSS 6.5
CVE-2016-1730 MEDIUM
iPhone OS < 9.2 - Cookie Manipulation via Crafted Captive Portal
CVSS 5.4
CVE-2016-1728 MEDIUM
Apple iOS <9.2.1 & Safari <9.0.3 - Info Disclosure
CVSS 4.3
CVE-2016-1939 MEDIUM
Mozilla Firefox <44.0 - Info Disclosure
CVSS 5.3
CVE-2016-0867 HIGH
CAREL PlantVisorEnhanced - Auth Bypass
CVSS 7.5
CVE-2016-1490 MEDIUM
Lenovo SHAREit <3.2.0 - Info Disclosure
CVSS 4.1
CVE-2016-1489 HIGH
Lenovo SHAREit <3.2.0 - Info Disclosure
CVSS 8.0
Details
Vulnerabilities 10,182
Exploit Likelihood High