CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,191 vulnerabilities with CWE-200
CVE-2015-0628
Cisco Web Security Appliance - Exposure of Sensitive Information via Malformed HTTP Method
CVE-2015-1618
McAfee DLPe <9.3.400 - Info Disclosure
CVE-2015-1613
RhodeCode Enterprise < 2.2.6 - Authenticated Sensitive Information Exposure via API Methods
CVE-2015-0260
Kallithea < 0.2 and RhodeCode < 2.2.7 - Authenticated Exposure of Sensitive Information via get_repo API
CVE-2015-0875
Ogaki Kyoritsu Bank Smartphone Passbook 1.0.0 - Unauthenticated Exposure of Sensitive Information via Log File
CVE-2015-0519
EMC Captiva Capture 7.0-7.1 - Exposure of Sensitive Information via DAL Log File
CVE-2015-0517
EMC Documentum D2 3.1-SP1, 4.0-4.1 P21, 4.2 P10 - Authenticated Sensitive Information Exposure via D2-API Log Files
CVE-2015-0255
X.Org Server < 1.16.3 and 1.17.x < 1.17.1 - Exposure of Sensitive Information via XkbSetGeometry Request
CVE-2015-0070
Microsoft Internet Explorer 6-11 - Cross-domain Information Disclosure via Crafted Web Site
CVE-2015-0061
Microsoft Windows - Information Disclosure via TIFF Image Processing
CVE-2015-0602
Cisco Unified IP 9900 Series Firmware < 9.4(1) - Exposure of Sensitive Information via Mobility Extension
CVE-2015-1482
Ansible Tower < 2.0.4 - Unauthenticated Sensitive Information Exposure via WebSocket Connection
CVE-2015-1480
ZOHO ManageEngine ServiceDesk Plus <9.0 build 9031 - Info Disclosure
CVE-2015-1457
Fortinet FortiAuthenticator 3.0.0 - Info Disclosure
CVE-2015-1456
Fortinet FortiAuthenticator 3.0.0 - Info Disclosure
CVE-2015-1357
Siemens Ruggedcom - Info Disclosure
CVE-2015-0597
Cisco WebEx Meetings Server < 1.5(.1.131) - Administrative Account Enumeration via Forgot Password Feature
CVE-2015-0595
Cisco WebEx Meetings Server < 1.5(1.131) - Exposure of Sensitive Information via XMLAPI GET Request
CVE-2015-0236
Mageia < 1.2.11 - Information Disclosure
CVE-2015-1308
kde-workspace <5.1.95 - Info Disclosure
CVE-2015-0310
HIGH
KEV
Adobe Flash Player < 11.2.202.438 - Memory Address Exposure via ASLR Bypass
CVSS 7.8
CVE-2015-1306
Sympa <6.0.10, <6.1.24 - Info Disclosure
CVE-2015-0514
EMC Watch4Net < 6.5 and ViPR SRM < 3.6.0 - Unauthorized Exposure of Sensitive Credentials
CVE-2015-0590
Cisco WebEx Meeting Center - Unauthorized Sensitive Information Exposure via Crafted Meeting Parameters
CVE-2015-0583
Cisco WebEx Meeting Center - Exposure of Sensitive Information via File URI Handling
Details
Vulnerabilities
10,191
Exploit Likelihood
High