CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,190 vulnerabilities with CWE-200
CVE-2015-8095
Monster Menos <7.x-1.24 - Info Disclosure
CVE-2015-7940
Bouncy Castle Java <1.51 - Code Injection
CVE-2015-5730
WordPress < 4.2.4 - Timing Side-Channel Attack via Widget Instance Sanitization
CVE-2015-7412
IBM DataPower Gateways <7.2.0.1 - Info Disclosure
CVE-2015-5015
IBM WebSphere Commerce Enterprise < 7.0.0.9 and 8.x - Exposure of Sensitive Information via REST URL
CVE-2015-4940
Apache Ambari < 2.0.2 - Cleartext Password Exposure in Configuration File
CVE-2015-4928
Apache Ambari < 2.0.2 - Exposure of Sensitive Information via Cleartext Password Display
CVE-2015-1999
IBM Security QRadar Incident Forensics 7.2.x - Exposure of Sensitive Information via Session ID in URL
CVE-2015-1996
IBM QRadar Incident Forensics 7.2.x < 7.2.5 Patch 5 - Sensitive Information Exposure via HTTPS Caching
CVE-2015-1994
IBM QRadar Incident Forensics 7.2.x < 7.2.5 Patch 5 - Sensitive Information Exposure via Missing HTTPOnly Flag
CVE-2015-8081
Field as Block <7.x-1.4 - Info Disclosure
CVE-2015-7763
OpenAFS <1.6.15-1.7.33 - Info Disclosure
CVE-2015-7762
OpenAFS <1.6.15 and 1.7.x <1.7.33 - Info Disclosure
CVE-2015-7195
Firefox < 41.0.2 - Exposure of Sensitive Information via Location Header Hostname Parsing
CVE-2015-7190
Firefox < 41.0.2 - Exposure of Sensitive Information via Search Feature Intent
CVE-2015-7186
Firefox < 41.0.2 - Same Origin Policy Bypass via file: URL in Saved HTML Document
CVE-2015-4515
Firefox < 41.0.2 - Hostname Information Exposure via NTLM v1 Authentication
CVE-2015-6355
Cisco Unified Computing System 2.2(5b)A - Information Disclosure via Web Interface
CVE-2015-8074
Android < 5.1.1 - Information Exposure in mediaserver
CVE-2015-6611
Android < 5.1.1 LMY48X and 6.0 < 2015-11-01 - Exposure of Sensitive Information in mediaserver
CVE-2015-6352
Cisco Unified Communications Domain Manager - Information Disclosure via Pathname Error Messages
CVE-2015-6344
Cisco ASA CX Context-Aware Security 9.3(4.1.11) - Authenticated Sensitive Information Exposure
CVE-2015-7859
Joomla! 3.2-3.4.4 - Unauthorized Sensitive Information Exposure via com_contenthistory Component
CVE-2015-7902
Mango Automation <2.6.0-430 - Info Disclosure
CVE-2015-7900
Infinite Automation Mango Automation <2.6.0-430 - Info Disclosure
Details
Vulnerabilities
10,190
Exploit Likelihood
High