CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,186 vulnerabilities with CWE-200
CVE-2015-9169
HIGH
Qualcomm Snapdragon Mobile and Wear Firmware - Exposure of Sensitive Information via QSEE App Buffer Over-Read
CVSS 7.5
CVE-2015-9163
HIGH
Qualcomm Multiple Chipsets Firmware - Exposure of Sensitive Information via PlayReady Function
CVSS 7.5
CVE-2015-9123
HIGH
Qualcomm MDM9206 and related firmware - Exposure of Sensitive Information via AES Key Zeroization Bypass
CVSS 7.5
CVE-2015-9119
HIGH
Qualcomm MDM9206 and Snapdragon Firmware - Exposure of Sensitive Information via QMI Response
CVSS 7.5
CVE-2015-0152
CRITICAL
D-Link DIR-815 Firmware < 2.07.b01 - Unauthenticated Sensitive Information Exposure via Cleartext Password Storage
CVSS 9.8
CVE-2015-1957
MEDIUM
IBM WebSphere MQ 7.5-7.5.0.5 & 8.0-8.0.0.2 - Sensitive Info Exposure via Cleartext Message Duplication
CVSS 5.3
CVE-2015-0172
HIGH
IBM Security SiteProtector System 3.0, 3.1.0, 3.1.1 - Exposure of Sensitive Information and Command Execution
CVSS 7.5
CVE-2015-5016
MEDIUM
IBM Maximo Asset Management 7.1, 7.5, 7.6 - Authenticated Exposure of Sensitive Information via Ticket Worklog Access
CVSS 4.3
CVE-2015-7434
HIGH
IBM Capacity Management Analytics <2.1.0.0 - Info Disclosure
CVSS 7.8
CVE-2015-7433
HIGH
IBM Capacity Management Analytics <2.1.0.0 - Info Disclosure
CVSS 7.8
CVE-2015-7432
HIGH
IBM Capacity Management Analytics 2.1.0.0 - Info Disclosure
CVSS 7.8
CVE-2015-7424
MEDIUM
IBM InfoSphere MDM - Collaborative Edition <11.6 - Auth Bypass
CVSS 4.3
CVE-2015-7401
MEDIUM
IBM Curam Social Program Management <6.1.1.1 - Auth Bypass
CVSS 4.3
CVE-2015-5045
LOW
IBM Rational License Key Server - Exposure of Sensitive Information via Administration and Reporting Tool
CVSS 3.3
CVE-2015-7449
LOW
IBM Rational <4.0.7-6.0.2 - Privilege Escalation
CVSS 3.3
CVE-2015-9256
MEDIUM
Datto ALTO and SIRIS Firmware - Unauthorized Sensitive Information Exposure via Restore Mount Points
CVSS 5.3
CVE-2015-9255
MEDIUM
Datto ALTO and SIRIS Firmware - Unauthenticated Sensitive Information Exposure via Web Virtual Directory
CVSS 5.3
CVE-2015-1418
HIGH
GNU patch <2.7.6 - Command Injection
CVSS 7.8
CVE-2015-2204
HIGH
Evergreen <2.5.9, 2.6.x<2.6.7, 2.7.x<2.7.4 - Sensitive Information Exposure
CVSS 7.5
CVE-2015-2203
MEDIUM
Evergreen 2.5.9, 2.6.7, 2.7.4 - Authenticated Exposure of Sensitive Settings History
CVSS 6.5
CVE-2015-7484
MEDIUM
IBM Rational Engineering Lifecycle Manager <4.0.7 - Info Disclosure
CVSS 4.3
CVE-2015-2298
HIGH
Etherpad 1.5.x - Exposure of Sensitive Information via PadID Export
CVSS 7.5
CVE-2015-8470
MEDIUM
Puppet Enterprise <3.7.x-2015.2.x - Info Disclosure
CVSS 6.5
CVE-2015-5173
HIGH
Cloud Foundry Runtime cf-release < 216 - Exposure of Sensitive Information via Password Recovery Email Referer Leakage
CVSS 8.8
CVE-2015-6668
HIGH
Job Manager < 0.7.24 - Unauthenticated Sensitive Information Exposure via CV File Brute Force
CVSS 7.5
Details
Vulnerabilities
10,186
Exploit Likelihood
High