CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,186 vulnerabilities with CWE-200
CVE-2015-7787 MEDIUM
ASUS Japan WL-330NUL <3.0.0.42 - Info Disclosure
CVSS 4.3
CVE-2015-7248 HIGH
ZTE ZXHN H108N R1A < ZTE.bhs.ZXHNH108NR1A.k_PE - Sensitive Info Exposure via cgi-bin/webproc
CVSS 7.5
CVE-2015-5330 HIGH
Samba <4.1.22-4.3.3 - Info Disclosure
CVSS 7.5
CVE-2015-5299 MEDIUM
Samba <4.1.22-4.3.3 - Info Disclosure
CVSS 5.3
CVE-2015-6852 MEDIUM
EMC Secure Remote Services Virtual Edition 3.x < 3.10 - Authenticated Directory Traversal
CVSS 4.3
CVE-2015-8569 LOW
Linux kernel <4.3.3 - Info Disclosure
CVSS 2.3
CVE-2015-8374 MEDIUM
Linux kernel <4.3.3 - Info Disclosure
CVSS 4.0
CVE-2015-7885 LOW
Linux kernel <4.3.3 - Info Disclosure
CVSS 2.3
CVE-2015-7884 LOW
Linux kernel <4.3.3 - Info Disclosure
CVSS 2.3
CVE-2015-7665 MEDIUM
Tails < 1.6 - Unauthorized IP Address Exposure via wget FTP Mode Fallback
CVSS 5.3
CVE-2015-8253 LOW
RSI Video Technologies Frontel Protocol < 2.0 - Sensitive Information Exposure via Cleartext
CVSS 3.7
CVE-2015-8252 MEDIUM
RSI Video Technologies Frontel Protocol < 2.0 - Exposure of Sensitive Information via Cleartext Serial Number
CVSS 5.9
CVE-2015-8669 MEDIUM
phpMyAdmin 4.0.x-4.0.10.11, 4.4.x-4.4.15.1, 4.5.x-4.5.3 - Information Disclosure via Error Message
CVSS 5.3
CVE-2015-6409 MEDIUM
Cisco Jabber 10.6.x 11.0.x 11.1.x - Exposure of Sensitive Information via STARTTLS Downgrade
CVSS 5.9
CVE-2015-7934 HIGH
Adcon Telemetry A840 - Info Disclosure
CVSS 8.6
CVE-2015-7932 HIGH
Adcon Telemetry A840 - Info Disclosure
CVSS 8.6
CVE-2015-7931 HIGH
Adcon Telemetry A840 - Info Disclosure
CVSS 8.7
CVE-2015-7929 MEDIUM
ewon firmware <= 10.1s0 - Exposure of Sensitive Information via GET Requests
CVSS 4.3
CVE-2015-7928 HIGH
ewon firmware < 10.0s0 - Exposure of Sensitive Information via Password Field Autocomplete
CVSS 8.5
CVE-2015-7926 CRITICAL
ewon firmware < 10.0s0 - Unauthenticated Exposure of Sensitive Information via I/O Server Requests
CVSS 9.9
CVE-2015-7935 HIGH
Motorola Solutions MOSCAD IP Gateway - Info Disclosure
CVSS 7.5
CVE-2015-6471 MEDIUM
Eaton ProView 4.x-5.x - Exposure of Sensitive Information via Ethernet Packet Padding
CVSS 5.3
CVE-2015-7908
Honeywell Midas <1.13b3-2.13b3 - Info Disclosure
CVE-2015-6556
Symantec Endpoint Encryption < 11.0 - Authenticated Credential Exposure via Memory Dump
CVE-2015-6428
Cisco DPQ3925 EDVA r1 Base - Unauthenticated Sensitive Information Exposure via Crafted HTTP Request
Details
Vulnerabilities 10,186
Exploit Likelihood High