CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,190 vulnerabilities with CWE-200
CVE-2015-5859
Apple iOS < 9 and OS X < 10.11 - Sensitive Information Exposure via HSTS Preload List Bypass
CVE-2015-6375
Cisco IOS 15.2(2)E3 - Exposure of Sensitive Information via Debug-Logging Feature
CVE-2015-7910
Exemys Telemetry Web Server - Auth Bypass
CVE-2015-6371
Cisco Firepower Extensible Operating System 1.1(1.160) - Authenticated Arbitrary File Read via Crafted Parameters
CVE-2015-6368
Cisco Firepower Extensible Operating System 1.1(1.160) - Unauthenticated Arbitrary File Read via Crafted HTTP Request
CVE-2015-8090
TIBCO LogLogic Unity <1.1.1 - Privilege Escalation
CVE-2015-6847
EMC VPLEX GeoSynchrony 5.4 SP1 - Exposure of Sensitive Information in Log File
CVE-2015-8232
UC Profile module <6.x-1.3 - Info Disclosure
CVE-2015-7998
Citrix NetScaler <10.1.133.9-10.5.58.11-10.5.e.56.1505.e - Info Dis...
CVE-2015-7996
Citrix NetScaler <10.1.133.9-10.5.58.11-10.5.e.56.1505.e - Info Dis...
CVE-2015-5276
GCC < 4.9.4 - Predictable Random Values via Short Reads in std::random_device
CVE-2015-7427
IBM DataPower Gateway <6.0.0.17, <6.0.1.17, <7.0.0.10, <7.1.0.7, <7...
CVE-2015-7404
IBM Tivoli Storage Manager <5.5.6.2, <6.3.1.6, <6.4.1.8, <7.1.4 - S...
CVE-2015-6364
Cisco Videoscape Distribution Suite Service Manager < 3.2.0 - Exposure of Sensitive Information via REST API
CVE-2015-6115
Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 - ASLR Bypass via Crafted Web Site
CVE-2015-6109
Windows Kernel Memory Information Disclosure via KASLR Bypass
CVE-2015-6102
Microsoft Windows - Kernel Memory Information Disclosure via KASLR Bypass
CVE-2015-6096
Microsoft .NET Framework 2.0 SP2-4.6 - XML External Entity Injection in DTD Parser
CVE-2015-6088
Microsoft Internet Explorer 9-11 and Edge - ASLR Bypass via Crafted Web Site
CVE-2015-6086
Microsoft Internet Explorer <11 - Info Disclosure
CVE-2015-7991
SAP HANA DB <1.00.73.00.389160 - Info Disclosure
CVE-2015-4551
LibreOffice < 4.4.5 and Apache OpenOffice < 4.1.2 - Information Disclosure via Embedded Local File Data
CVE-2015-8100
net-snmp < 5.8 - Exposure of Sensitive Information via Weak snmpd.conf Permissions
CVE-2015-8007
Echo Extension for MediaWiki - Authenticated Exposure of Hidden Usernames in Non-Revision Notifications
CVE-2015-8005
MediaWiki <1.23.11, <1.24.4, <1.25.3 - Info Disclosure
Details
Vulnerabilities
10,190
Exploit Likelihood
High