CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,190 vulnerabilities with CWE-200
CVE-2015-7836
Siemens RUGGEDCOM ROS <4.2.1 - Info Disclosure
CVE-2015-5713
TIBCO Spotfire Server <7.0.1 - Info Disclosure
CVE-2015-5712
TIBCO Spotfire Server <7.0.1 - Info Disclosure
CVE-2015-3969
Janitza UMG 508, 509, 511, 604, and 605 - Exposure of Sensitive Network Information via UDP Ports 1234 or 1235
CVE-2015-5223
OpenStack Swift <2.4.0 - Info Disclosure
CVE-2015-5288
PostgreSQL <9.0.23-9.4.5 - DoS
CVE-2015-5448
HP Asset Manager <9.41.11103-9.50.11925 - Info Disclosure
CVE-2015-4981
IBM GPFS 3.5.x < 3.5.0.27 & 4.1.x < 4.1.1.2 - Sensitive Information Exposure
CVE-2015-1005
IniNet eWebServer <2.02 - Info Disclosure
CVE-2015-7022
iPhone OS < 9.0.2 - Unauthorized Sensitive Call-Status Information Exposure via Telephony Subsystem
CVE-2015-7000
iPhone OS < 9.0.2 - Sensitive Information Exposure via Lock Screen Notification
CVE-2015-7032
Apple iWork < 2.6, Keynote < 6.6, Pages < 5.6, Numbers < 3.6 - Exposure of Sensitive Information via Crafted Document
CVE-2015-5661
SAND STUDIO AirDroid <1.1.0 - Info Disclosure
CVE-2015-6843
EMC SourceOne Email Supervisor < 7.1 - Unauthenticated Brute-Force Authentication
CVE-2015-5742
Veeam Backup & Replication <8.0.3 - Info Disclosure
CVE-2015-6759
Google Chrome < 45.0.2454.101 - Exposure of Sensitive Information via Blob URL Origin Handling
CVE-2015-7628
Adobe Flash Player <18.0.0.252-11.2.202.535 - SSRF
CVE-2015-7624
Adobe Reader/Acrobat <10.1.16/11.0.13 - Info Disclosure
CVE-2015-6706
Adobe Acrobat/Reader Info Exposure (10.x < 10.1.16, 11.x < 11.0.13, DC < 2015.006.30094/2015.009.20069)
CVE-2015-6705
Adobe Acrobat and Reader < 10.1.16/11.0.13/DC 2015.006.30094/DC Continuous 2015.009.20069 - Information Exposure
CVE-2015-5583
Adobe Reader/Acrobat <10.1.16/11.0.13 - Auth Bypass
CVE-2015-7368
Revive Adserver < 3.2.1 - Exposure of Sensitive Information via Cache-Control Header Misconfiguration
CVE-2015-6059
Microsoft VBScript/JScript 5.7/5.8 - Info Disclosure
CVE-2015-6057
Microsoft Edge - Unauthorized Memory Information Disclosure via Crafted Web Site
CVE-2015-6053
Microsoft Internet Explorer 11 - Info Disclosure
Details
Vulnerabilities 10,190
Exploit Likelihood High