CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,190 vulnerabilities with CWE-200
CVE-2015-5892
iPhone OS < 8.4.1 - Unauthenticated Sensitive Information Exposure via Siri Lock-Screen Bypass
CVE-2015-5885
Apple iOS < 9 - Unauthorized User Tracking via CFNetwork Cookies
CVE-2015-5880
Apple iOS <9 - Privilege Escalation
CVE-2015-5863
Apple iOS < 9 - Unauthorized Sensitive Information Exposure via IOStorageFamily
CVE-2015-5860
iPhone OS < 8.4.1 - User Tracking via HSTS State Mishandling
CVE-2015-5858
iPhone OS < 8.4.1 - HSTS Protection Bypass via Crafted URL
CVE-2015-5855
Apple iOS <9 - Info Disclosure
CVE-2015-5851
macOS X < 10.10.5 and iPhone OS < 8.4.1 - Unencrypted Multipeer Data Exposure via Downgrade Attack
CVE-2015-5842
Apple iOS < 9 and macOS < 10.10.5 - Unauthorized Sensitive Memory Layout Exposure via Uninitialized Data Structure
CVE-2015-5835
iPhone OS < 8.4.1 - Unauthorized Sensitive Information Exposure via URL Scheme Interception
CVE-2015-5834
Apple iOS < 9 - Kernel Memory Layout Exposure via IOAcceleratorFamily
CVE-2015-5832
iPhone OS < 8.4.1 - Sensitive Information Exposure via iTunes Store Keychain Handling
CVE-2015-5831
macOS < 10.10.5 and iOS < 8.4.1 - Unauthorized Memory Layout Exposure via NetworkExtension
CVE-2015-5827
Safari < 8.0.8 and iPhone OS < 8.4.1 - Same Origin Policy Bypass via Event Handling
CVE-2015-5825
Safari < 8.0.8 and iPhone OS < 8.4.1 - Sensitive Information Exposure via Performance API
CVE-2015-5788
iPhone OS < 8.4.1 - Unauthorized Sensitive Image Information Exposure via WebKit Canvas
CVE-2015-7226
Administration Views < 7.x-1.5 - Unauthorized Sensitive Information Exposure via Access Handler
CVE-2015-5440
HP UCMDB <10.01CUP12, 10.10, 10.11, 10.2x - Info Disclosure
CVE-2015-2136
HP ArcSight Logger < 6.0 - Authenticated Exposure of Sensitive Information
CVE-2015-4980
IBM WebSphere Commerce 7.0.0.6-7.0.0.9 - Authenticated Exposure of Sensitive Personal Information
CVE-2015-6830
phpMyAdmin 4.3.x-4.3.13.1 & 4.4.x-4.4.14.0 - Brute-Force Protection Bypass via reCaptcha
CVE-2015-2505
Microsoft Exchange Server 2013 Cumulative Update 8 and 9 and SP1 - Information Disclosure via Crafted OWA Request
CVE-2015-2483
Microsoft Internet Explorer 10 and 11 - Information Disclosure via Crafted Web Site
CVE-2015-6276
Cisco TelePresence IX5000 8.0.3 - Exposure of Sensitive Information via Insufficient Access Control
CVE-2015-4077
FortiClient < 5.2.3 - Unauthorized Kernel Memory Read via mdare Driver ioctl
Details
Vulnerabilities
10,190
Exploit Likelihood
High