CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,191 vulnerabilities with CWE-200
CVE-2015-0922
McAfee ePolicy Orchestrator < 4.6.9 and 5.x < 5.1.2 - Authenticated Credential Exposure via Shared Secret Key
CVE-2014-125102
MEDIUM
Bestwebsoft Relevant < 1.0.8 - Information Disclosure in Thumbnail Handler
CVSS 4.3
CVE-2014-125093
MEDIUM
Ad Blocking Detector Plugin < 1.2.2 - Information Disclosure in ad-blocking-detector.php
CVSS 4.3
CVE-2014-8940
MEDIUM
Lexiglot <2014-11-20 - Info Disclosure
CVSS 5.3
CVE-2014-4019
HIGH
ZTE ZXV10 W300 W300V1.0.0a_ZRD_LK - Unauthenticated Sensitive Information Exposure
CVSS 7.5
CVE-2014-4658
MEDIUM
Ansible < 1.5.5 - Unauthorized Exposure of Sensitive Vault Key Information
CVSS 5.5
CVE-2014-9127
MEDIUM
Open-School CE 2.2 - Info Disclosure
CVSS 6.5
CVE-2014-7863
HIGH
ManageEngine Applications Manager <11.9/OpManager 8-11.5/IT360 <=10.5 - Unauthenticated Arbitrary File Read
CVSS 7.5
CVE-2014-8328
MEDIUM
Dynamic Content Elements < 0.11.5 - Exposure of Sensitive Installation Environment Information via Update Check Request
CVSS 5.3
CVE-2014-9481
MEDIUM
MediaWiki < 1.19.23 - Exposure of Sensitive Information via Scribunto Extension
CVSS 5.9
CVE-2014-6038
HIGH
ManageEngine Eventlog Analyzer Managed Hosts Administrator Credential Disclosure
CVSS 7.5
CVE-2014-5011
MEDIUM
dompdf < 0.6.2 - Information Disclosure
CVSS 6.5
CVE-2014-3753
MEDIUM
1Password < 1.0.9.340 - Security Feature Bypass
CVSS 5.5
CVE-2014-5209
MEDIUM
NTP 4.2.7p25 - Information Disclosure via GET_RESTRICT Control Message
CVSS 5.3
CVE-2014-6275
MEDIUM
FusionForge <5.3.2 - Info Disclosure
CVSS 5.9
CVE-2014-0242
HIGH
mod_wsgi < 3.4 - Exposure of Sensitive Information via Content-Type Header
CVSS 7.5
CVE-2014-3591
MEDIUM
GnuPG < 1.4.19 and Libgcrypt < 1.6.3 - Private Key Exposure via Elgamal Decryption Side Channel
CVSS 4.2
CVE-2014-10388
MEDIUM
WP Support Plus Responsive Ticket System < 4.2 - Full Path Disclosure
CVSS 5.3
CVE-2014-10374
MEDIUM
Fitbit Charge 2 Firmware - Unauthorized Exposure of Sensitive Device Tracking Information via Static BLE Addresses
CVSS 6.5
CVE-2014-9699
HIGH
MakerBot Replicator 5G - Info Disclosure
CVSS 7.5
CVE-2014-10079
MEDIUM
Vembu StoreGrid 4.4.x - Exposure of Sensitive Information via Index Page Hidden Form Value
CVSS 5.3
CVE-2014-10076
HIGH
wp-db-backup 2.2.4 - Unauthenticated Exposure of Sensitive Backup Data via Brute-Force Attack
CVSS 7.5
CVE-2014-6048
MEDIUM
phpmyfaq < 2.8.13 - Unauthenticated Arbitrary Attachment Read
CVSS 5.3
CVE-2014-0882
MEDIUM
IBM Integrated Management Module Firmware - Authenticated Exposure of Sensitive Information via Service Advisor Data
CVSS 6.5
CVE-2014-0872
MEDIUM
IBM Security Key Lifecycle Manager 2.5 - Unencrypted Credential Storage
CVSS 4.1
Details
Vulnerabilities
10,191
Exploit Likelihood
High