CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,191 vulnerabilities with CWE-200
CVE-2015-1679
Microsoft Windows - Privilege Escalation
CVE-2015-1678
Microsoft Windows - Privilege Escalation
CVE-2015-1677
Microsoft Windows - Privilege Escalation
CVE-2015-1676
Microsoft Windows - Privilege Escalation
CVE-2015-1670
Microsoft .NET Framework <4.5.2 - Info Disclosure
CVE-2015-3981
SAP NetWeaver RFC SDK - Exposure of Sensitive Information
CVE-2015-3978
SAP Sybase Unwired Platform - Info Disclosure
CVE-2015-3646
OpenStack Identity (Keystone) <2014.1.5-2014.2.4 - Info Disclosure
CVE-2015-1907
IBM Rational License Key Server 8.1.4 - Authenticated Cookie Exposure
CVE-2015-3153
cURL <7.42.1 - Info Disclosure
CVE-2015-3448
REST client for Ruby <1.7.3 - Info Disclosure
CVE-2015-3340
Xen 4.2.x-4.5.x - Information Disclosure via Uninitialized Memory in Domain Info Requests
CVE-2015-0174
IBM WebSphere Application Server 8.5 - Authenticated Sensitive Information Exposure via SNMP
CVE-2015-0113
IBM Rational Software Architect Design Manager 4.0-4.0.7/5.0-5.0.2 - Unauthenticated JSP Source Code Exposure
CVE-2015-0846
django-markupfield < 1.3.2 - Arbitrary File Read via Default RESTRUCTUREDTEXT_FILTER_SETTINGS
CVE-2015-3404
Drupal Certify <6.x-2.3 - Auth Bypass
CVE-2015-3391
Path Breadcrumbs < 7.x-3.1 - Unauthorized Sensitive Information Exposure via 403 Page
CVE-2015-3373
Amazon AWS <7.x-1.3 - Info Disclosure
CVE-2015-1247
Google Chrome <42.0.2311.90 - Info Disclosure
CVE-2015-1244
Google Chrome <42.0.2311.90 - Info Disclosure
CVE-2015-0969
SearchBlox < 8.1 - Exposure of Sensitive Information via _cluster/health URI
CVE-2015-0938
Blue Coat Malware Analysis Appliance < 4.2.3.20150129 - Unauthenticated Arbitrary File Read via search.php
CVE-2015-3320
Lenovo USB Enhanced Performance Keyboard <2.0.2.2 - Info Disclosure
CVE-2015-1314
USAA Mobile Banking <7.10.1 - Info Disclosure
CVE-2015-3319
Hotspot Express hotEx Billing Manager 73 - Info Disclosure
Details
Vulnerabilities 10,191
Exploit Likelihood High