CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,186 vulnerabilities with CWE-200
CVE-2015-7514 MEDIUM
OpenStack Ironic <4.2.1 - Info Disclosure
CVSS 6.5
CVE-2015-6586 HIGH
Huawei WLAN ACU2, AC6005, AC6605 < V200R006C00SPC100 - Unauthorized Sensitive Information Exposure via mDNS
CVSS 7.5
CVE-2015-5383 HIGH
Roundcube Webmail <1.1.2 - Info Disclosure
CVSS 7.5
CVE-2015-5382 MEDIUM
Roundcube Webmail <1.0.6, <1.1.2 - Info Disclosure
CVSS 6.5
CVE-2015-9001 MEDIUM
Android TrustZone - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 5.5
CVE-2015-7247 CRITICAL
D-Link DVG-N5402SP Firmware W1000CN-00, W1000CN-03, W2000EN-00 - Sensitive Information Exposure
CVSS 9.8
CVE-2015-7824 HIGH
botan < 1.11.21 - Exposure of Sensitive Information via TLS CBC Padding Oracle
CVSS 7.5
CVE-2015-8378 HIGH
KeePassX < 0.4.3 - Sensitive Information Exposure via XML Export Cancel
CVSS 7.5
CVE-2015-8276 MEDIUM
LVRTC eParakstitajs <3.0 - Info Disclosure
CVSS 5.5
CVE-2015-2886 HIGH
iBaby M6 Baby Monitor Firmware - Unauthenticated Exposure of Sensitive Information via ibabycloud.com Service
CVSS 7.5
CVE-2015-2884 HIGH
Philips In.Sight B120/37 - Info Disclosure
CVSS 7.5
CVE-2015-2246 LOW
Huawei P7-L10 Firmware <= V100R001C00B136 - Unauthorized Contact Information Exposure in MeWidget Module
CVSS 3.3
CVE-2015-8628 MEDIUM
MediaWiki < 1.23.12, 1.24.x < 1.24.5, 1.25.x < 1.25.4, 1.26.x < 1.26.1 - Sensitive User Login Info Exposure
CVSS 5.3
CVE-2015-8625 HIGH
MediaWiki < 1.23.12, 1.24.x < 1.24.5, 1.25.x < 1.25.4, 1.26.x < 1.26.1 - Arbitrary File Read
CVSS 7.5
CVE-2015-5729 CRITICAL
Samsung Smart TVs & Printers - Info Disclosure
CVSS 9.8
CVE-2015-4078 LOW
Cloudera Navigator 2.2.x < 2.2.4 and 2.3.x < 2.3.3 - Exposure of Sensitive Information via SSLv3 Padding Oracle Attack
CVSS 3.1
CVE-2015-3882 MEDIUM
qdPM 8.3 - Exposure of Sensitive Information via Invalid User ID Parameter
CVSS 5.3
CVE-2015-3881 HIGH
qdPM 8.3 - Unauthenticated Sensitive Information Exposure via Direct File Access
CVSS 7.5
CVE-2015-6671 MEDIUM
edx-platform < 2015-08-20 - Exposure of Sensitive Information via Database-Backed SAML SSO Secrets
CVSS 5.9
CVE-2015-2877 LOW
Linux Kernel 2.6.32-4.x - ASLR Bypass via KSM Write-Timing Side Channel
CVSS 3.3
CVE-2015-4057 HIGH
VCE Vision Intelligent Operations < 2.6.4 - Unauthenticated Admin Password Exposure via Cleartext HTTP Response
CVSS 7.5
CVE-2015-7493 MEDIUM
IBM InfoSphere Information Server - Code Injection
CVSS 4.7
CVE-2015-7418 MEDIUM
IBM WebSphere eXtreme Scale & DataPower XC10 - Sensitive Info Exposure via Memory Residue
CVSS 4.4
CVE-2015-8544 HIGH
NetApp SnapDrive for Windows <7.0.2P4-7.1.3P1 - Info Disclosure
CVSS 7.5
CVE-2015-5677 MEDIUM
FreeBSD 9.3, 10.1, 10.2 - Exposure of Sensitive Information via World-Readable snmpd.config
CVSS 5.5
Details
Vulnerabilities 10,186
Exploit Likelihood High