CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,190 vulnerabilities with CWE-200
CVE-2015-0987
CRITICAL
Omron CX-One CX-Programmer <9.6 - Info Disclosure
CVSS 10.0
CVE-2015-7322
Pulse Connect Secure < 7.1R22.1, 7.4, 8.0 < 8.0R11, 8.1 < 8.1R3 - Meeting ID Enumeration
CVE-2015-2025
IBM WebSphere eXtreme Scale 7.1.0-7.1.0.2 and 7.1.1 - Unauthenticated Sensitive Information Exposure via Session Cookie
CVE-2015-1933
IBM Maximo Asset Management Password Field Autocomplete Exposure
CVE-2015-0143
IBM OpenPages GRC Platform 6.2-6.2.1.1 7.0-7.1 - Authenticated Sensitive Information Exposure via Error Messages
CVE-2015-5711
TIBCO Managed File Transfer Internet Server < 7.2.5 - Authenticated Sensitive Information Exposure via HTTP Request
CVE-2015-6474
IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ - Cleartext Password Exposure via HTML Source Code
CVE-2015-6469
IBC Solar Danfoss TLX Pro+ and ServeMaster TLP+ - Unauthenticated Sensitive Information Exposure via Script Source Code
CVE-2015-4543
RSA Archer GRC 5.x < 5.5.3 - Authenticated Exposure of Sensitive Information via Cleartext Password Storage
CVE-2015-6303
Cisco Spark 2015-07-04 - Exposure of Sensitive Information via Improper Certificate Validation
CVE-2015-7327
Firefox < 40.0.3 - Unauthorized Sensitive Information Exposure via High Resolution Time API
CVE-2015-4519
Firefox < 41.0 - Unauthorized URL Exposure via Drag-and-Drop Image Action
CVE-2015-4503
Firefox < 40.0.3 - Information Disclosure via TCP Socket API
CVE-2015-6940
Pentaho Business Analytics and Data Integration - Exposure of Sensitive Information via GetResource Servlet
CVE-2015-6679
Adobe Flash Player < 18.0.0.241 and 19.x < 19.0.0.185 - Same Origin Policy Bypass and Information Disclosure
CVE-2015-5576
Adobe Flash Player <18.0.0.241-11.2.202.521 - Memory Corruption
CVE-2015-5572
Adobe Flash Player <18.0.0.241-11.2.202.521 - Auth Bypass
CVE-2015-5571
Adobe Flash Player <18.0.0.241-19.0.0.185 - CSRF
CVE-2015-7305
Scald 7.x-1.x < 7.x-1.5 - Unauthorized Sensitive Information Exposure via Debug Context
CVE-2015-5921
iPhone OS < 8.4.1 - Sensitive Information Exposure via Content-Disposition Header Mishandling
CVE-2015-5916
watchOS < 2.0.0 and iPhone OS < 8.4.1 - Unauthorized Exposure of Recent Transaction Information via Apple Pay
CVE-2015-5910
Apple Xcode < 6.4 - Unauthenticated Sensitive Information Exposure via Unencrypted Server Traffic
CVE-2015-5909
Xcode < 7.0 - Unauthenticated Exposure of Sensitive Build Information via Repository Email Lists
CVE-2015-5906
iPhone OS < 8.4.1 - Password Character Exposure via QuickType Prediction
CVE-2015-5898
Apple iOS < 9 - Exposure of Sensitive Information via CFNetwork Cache Encryption Key
Details
Vulnerabilities
10,190
Exploit Likelihood
High