CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,191 vulnerabilities with CWE-200
CVE-2015-2804
Alcatel-Lucent OmniSwitch Firmware < 6.4.5.r02 - Session Hijacking via Weak Session ID
CVE-2015-4395
HybridAuth Social Login 7.x-2.x < 7.x-2.10 - Authenticated Plaintext Password Exposure
CVE-2015-4375
Chaos tool suite (ctools) < 7.x-1.7 - Unauthorized Sensitive Node Title Exposure via Autocomplete Search
CVE-2015-4345
RESTful Web Services 7.x-1.x < 7.x-1.5 and 7.x-2.x < 7.x-2.3 - Sensitive Information Exposure
CVE-2015-3951
RLE Nova-Wind Turbine HMI - Info Disclosure
CVE-2015-3949
Sinapsi eSolar Light <2.0.3970_schsl_2.2.85 - Info Disclosure
CVE-2015-4171
strongSwan 4.3.0-5.x < 5.3.2 & Client < 1.4.6 - Sensitive Info Exposure via IKEv2 Auth
CVE-2015-3923
Coppermine Photo Gallery <1.5.36 - Path Traversal
CVE-2015-3108
Adobe Flash Player <13.0.0.292 & Adobe AIR <18.0.0.144 - Memory Cor...
CVE-2015-3102
Adobe Flash Player <13.0.0.292 & Adobe AIR <18.0.0.144 - Auth Bypass
CVE-2015-3099
Adobe Flash Player <13.0.0.292 & Adobe AIR <18.0.0.144 - CSRF
CVE-2015-3098
Adobe Flash Player <13.0.0.292 & Adobe AIR <18.0.0.144 - Auth Bypass
CVE-2015-3097
Adobe Flash Player <13.0.0.292 & Adobe AIR <18.0.0.144 - Memory Cor...
CVE-2015-1765
Microsoft Internet Explorer 9-11 - Unauthorized Browser History Exposure
CVE-2015-1719
Microsoft Windows - Info Disclosure
CVE-2015-4053
ceph-deploy < 1.5.25 - Exposure of Sensitive Information via World-Readable Keyring
CVE-2015-3201
Thermostat <2.0.0 - Info Disclosure
CVE-2015-2998
SysAid Help Desk <15.2 - Info Disclosure
CVE-2015-2997
SysAid Help Desk <15.2 - Info Disclosure
CVE-2015-0764
Cisco Unified MeetingPlace 8.6(1.9) - Arbitrary File Read via Crafted Resource Request
CVE-2015-0763
Cisco Unified MeetingPlace 8.6(1.2) - Exposure of Sensitive Session Information via URL Session ID Validation
CVE-2015-3180
Moodle <2.5.9, <2.6.11, <2.7.8, <2.8.6 - Info Disclosure
CVE-2015-3176
Moodle <2.5.9, <2.6.11, <2.7.8, <2.8.6 - Info Disclosure
CVE-2015-2266
Moodle < 2.5.9 and 2.6.x < 2.6.9 - Authenticated Exposure of Sensitive Information via Message Index
CVE-2015-0215
Moodle < 2.5.9, 2.6.x < 2.6.7, 2.7.x < 2.7.4, 2.8.x < 2.8.2 - Sensitive Information Exposure via Calendar Web Services
Details
Vulnerabilities
10,191
Exploit Likelihood
High