CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,191 vulnerabilities with CWE-200
CVE-2015-1089
macOS < 10.10.3 and iOS < 8.3 - Same Origin Policy Bypass via CFNetwork Cookie Handling
CVE-2015-3030
McAfee MATD <3.4.4.63 - Info Disclosure
CVE-2015-1602
Siemens SIMATIC STEP 7 (TIA Portal) <13 SP1 Upd1 - Info Disclosure
CVE-2015-1890
IBM General Parallel File System 4.1 - Exposure of Sensitive Information via gpfs.snap Archive
CVE-2015-0777
Xen - Information Exposure via Uninitialized Memory in usbback Driver
CVE-2015-0992
Inductive Automation Ignition 7.7.2 - Info Disclosure
CVE-2015-0991
Inductive Automation Ignition 7.7.2 - Info Disclosure
CVE-2015-0902
Semper Fi All in One SEO Pack < 2.2.5.1 - Exposure of Sensitive Information via Meta Description Field
CVE-2015-0683
Cisco Unified Communications Domain Manager 8.1(4) - Authenticated Sensitive Information Exposure via File Inclusion
CVE-2015-2817
SAP NetWeaver 7.40 - Exposure of Sensitive Information via ReadProfile Parameters
CVE-2015-0800
Firefox < 36.0.4 - DNS Spoofing via Predictable PRNG in DNS Resolver
CVE-2015-2809
Synology DiskStation Manager < 3.1 - Information Disclosure via mDNS Responder
CVE-2015-1892
IBM Security Access Manager for Web 7.x < 7.0.0.12 and 8.x < 8.0.1.1 - Information Exposure via mDNS Responder
CVE-2015-2108
HP Operations Orchestration 9.x-10.x - Authenticated Exposure of Sensitive Information
CVE-2015-0999
Schneider Electric InduSoft Web Studio <7.1.3.4 - Info Disclosure
CVE-2015-0998
Schneider Electric InduSoft Web Studio <7.1.3.4 - Info Disclosure
CVE-2015-0997
Schneider Electric InduSoft Web Studio <7.1.3.4 - Info Disclosure
CVE-2015-0996
Schneider Electric InduSoft Web Studio <7.1.3.4 SP3 Patch 4 - Info ...
CVE-2015-0680
Cisco Unified Call Manager 9.1(2.1000.28) - Authenticated Arbitrary File Read
CVE-2015-2771
Websense TRITON AP-EMAIL and V-Series < 8.0.0 - Plaintext Credential Exposure
CVE-2015-2762
Websense TRITON AP-WEB < 7.8.3 - Windows Domain User Account Enumeration via HTTP Authentication
CVE-2015-2157
Debian Linux - Information Disclosure
CVE-2015-2748
Websense TRITON AP-WEB < 8.0.0 - Unauthenticated Exposure of Sensitive Information via Direct Request
CVE-2015-0673
Cisco Mobility Services Engine 8.0(110.0) - Authenticated Sensitive Information Exposure via Log Files or GUI
CVE-2015-0527
EMC Documentum xCelerated Management System 1.1 - Cleartext Credential Exposure in Batch File
Details
Vulnerabilities
10,191
Exploit Likelihood
High