CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,191 vulnerabilities with CWE-200
CVE-2015-0211
Moodle < 2.5.9, 2.6.x < 2.6.7, 2.7.x < 2.7.4, 2.8.x < 2.8.2 - Sensitive Information Exposure
CVE-2015-4138
Blue Coat SSL Visibility Appliance < 3.8.4 - Sensitive Information Exposure via Missing HTTPOnly Flag
CVE-2015-2855
Blue Coat SSL Visibility Appliance < 3.8.4 - Sensitive Information Exposure via Unsecured Cookie
CVE-2015-0758
Cisco Unified MeetingPlace 8.6(1.9) - XML External Entity Injection via Web Interface
CVE-2015-0745
Cisco Headend Digital Broadband Delivery System - Exposure of Sensitive Information via HTTP Request Header
CVE-2015-4069
Arcserve Unified Data Protection < 5.0 - Exposure of Sensitive Credentials via SOAP Request
CVE-2015-3995
SAP HANA DB 1.00.73.00.389160 - Authenticated Arbitrary File Read via IMPORT FROM SQL Statement
CVE-2015-0757
Cisco Identity Services Engine 1.2(1.901)/1.3(0.722) Sensitive Information Exposure
CVE-2015-0200
IBM WebSphere Commerce 6.x-6.0.0.11 and 7.x < 7.0.0.8 IF2 - Unauthorized Sensitive Database Information Exposure
CVE-2015-2121
HP Network Virtualization 8.61 and 11.52 - Arbitrary File Read via HttpServlet or NetworkEditorController
CVE-2015-0170
IBM Security SiteProtector 3.0-3.1.1 - Sensitive Data Exposure via Cached Data
CVE-2015-1915
IBM Endpoint Manager for Remote Control 9.0.1-9.1.0 - Session Cookie Exposure via Missing Secure Flag
CVE-2015-1909
IBM InfoSphere Master Data Management Server - XML External Entity Injection in Reference Data Management XML Parser
CVE-2015-3912
Huawei E355s Mobile WiFi < 22.158.45.02.625 & WEBUI < 13.100.04.01.625 - Sensitive Info Exposure via Network Sniffing
CVE-2015-3999
Piriform CCleaner 3.26.0.1988-5.02.5101 - Unauthorized Sensitive Information Exposure via File Overwrite
CVE-2015-2718
Opensuse < 37.0.2 - Information Disclosure
CVE-2015-2711
Opensuse < 37.0.2 - Information Disclosure
CVE-2015-3092
Adobe Flash Player <13.0.0.289 & Adobe AIR <17.0.0.172 - Memory Cor...
CVE-2015-3091
Adobe Flash Player <13.0.0.289 & Adobe AIR <17.0.0.172 - Memory Cor...
CVE-2015-3058
Adobe Reader/Acrobat <10.1.14, <11.0.11 - Info Disclosure
CVE-2015-1716
Microsoft Windows Schannel - Information Disclosure via Weak Diffie-Hellman Ephemeral Key Lengths
CVE-2015-1692
Microsoft Internet Explorer <11 - Info Disclosure
CVE-2015-1686
Microsoft VBScript/JScript <5.9 - Auth Bypass
CVE-2015-1684
Microsoft VBScript <5.9 - Auth Bypass
CVE-2015-1680
Microsoft Windows - Privilege Escalation
Details
Vulnerabilities
10,191
Exploit Likelihood
High