CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,190 vulnerabilities with CWE-200
CVE-2015-5088
Adobe Acrobat/Reader Info Disclosure (10.x < 10.1.15, 11.x < 11.0.12, DC < 2015.006.30060/2015.008.20082)
CVE-2015-4450
Adobe Acrobat and Reader < 10.1.15/11.0.12/DC 2015.006.30060/DC 2015.008.20082 - Information Exposure
CVE-2015-4449
Adobe Acrobat and Reader < 10.1.15/11.0.12/DC 2015.006.30060/DC Continuous 2015.008.20082 - Information Exposure
CVE-2015-2382
Windows 8, 8.1, RT, RT 8.1, Server 2012, Server 2012 R2 - Kernel Memory Information Disclosure via win32k.sys
CVE-2015-2381
Windows 8, 8.1, RT, RT 8.1, Server 2012, Server 2012 R2 - Kernel Memory Information Disclosure via win32k.sys
CVE-2015-2367
Windows win32k.sys - Unauthorized Information Disclosure via Uninitialized Kernel Memory
CVE-2015-2421
Microsoft Internet Explorer 6-11 - ASLR Bypass via Crafted Web Site
CVE-2015-2414
Microsoft Internet Explorer 8-11 - Information Disclosure via Image Caching
CVE-2015-2413
Microsoft Internet Explorer 6-11 - Unauthorized Local File Existence Disclosure via Module-Resource Request
CVE-2015-2412
Microsoft Internet Explorer 10 and 11 - Arbitrary Local File Read via Crafted Pathname
CVE-2015-2410
Internet Explorer 6-11 - Local File Existence Disclosure via Stylesheet
CVE-2015-2375
Microsoft Excel - ASLR Bypass via Crafted Spreadsheet
CVE-2015-2374
Microsoft Windows Server Credential Exposure via Netlogon PDC-BDC Spoofing
CVE-2015-1729
Microsoft Internet Explorer 9-11 - Information Disclosure via Cross-Domain Content Read
CVE-2015-1887
IBM WebSphere Portal 7.0.0-7.0.0.2 CF29, 8.0.0 < 8.0.0.1 CF17, 8.5.0 < CF06 - Exposure of Sensitive JCR Information
CVE-2015-4263
Cisco Mobility Services Engine 10.0(0.1) - Authenticated Sensitive Information Exposure via Log File Access
CVE-2015-1011
Hospira LifeCare PCA Infusion System <7.0 - Info Disclosure
CVE-2015-4033
Samsung SBeam - Unauthenticated Arbitrary Image Read via NFC HTTP Server
CVE-2015-2742
Oracle Solaris < 38.1.0 - Information Disclosure
CVE-2015-3721
Apple iOS <8.4 & OS X <10.10.4 - Info Disclosure
CVE-2015-3720
Apple OS X <10.10.4 - Info Disclosure
CVE-2015-3711
Apple OS X <10.10.4 - Info Disclosure
CVE-2015-3690
Apple iOS <8.4 & OS X <10.10.4 - Info Disclosure
CVE-2015-3677
Apple OS X <10.10.4 - Info Disclosure
CVE-2015-3676
Apple OS X <10.10.4 - Info Disclosure
Details
Vulnerabilities 10,190
Exploit Likelihood High