CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,191 vulnerabilities with CWE-200
CVE-2014-0912
MEDIUM
IBM Sterling B2B Integrator and Sterling File Gateway - Exposure of Sensitive Information via Error Page
CVSS 5.3
CVE-2014-6112
MEDIUM
IBM Security Identity Manager - Exposure of Sensitive Information via Weak SSL Ciphers
CVSS 5.9
CVE-2014-6109
MEDIUM
IBM Security Identity Manager - Authenticated Information Disclosure via LDAP Query
CVSS 5.3
CVE-2014-6108
MEDIUM
IBM Security Identity Manager Sensitive Information Exposure via Unencrypted Connection
CVSS 5.9
CVE-2014-4782
MEDIUM
IBM InfoSphere BigInsights 2.1.2 - Info Disclosure
CVSS 6.5
CVE-2014-10062
HIGH
Qualcomm Snapdragon Mobile and Wear Firmware - Unauthorized Data Connection Initiation via Exported LocationService
CVSS 7.5
CVE-2014-10055
HIGH
Qualcomm Snapdragon Mobile SD 400/800 Firmware - Sensitive Information Exposure via OCMEM xPU
CVSS 7.5
CVE-2014-10047
HIGH
Qualcomm SD 400 and SD 800 Firmware - Exposure of Sensitive Information via Full Disk Encryption Key Handling
CVSS 7.5
CVE-2014-1686
MEDIUM
MediaWiki 1.18.0 - Information Exposure via Thumbnail Creation
CVSS 5.3
CVE-2014-6309
HIGH
Kaazing Gateway <4.0.4 - Info Disclosure
CVSS 7.5
CVE-2014-2078
MEDIUM
Open-Xchange OX AppSuite <7.4.2-rev9 - Info Disclosure
CVSS 5.3
CVE-2014-2359
MEDIUM
OleumTech Wireless Sensor Network - Info Disclosure
CVSS 5.9
CVE-2014-5028
MEDIUM
Review Board 1.7.0-1.7.26 - Authenticated Exposure of Sensitive Information via Database ID
CVSS 6.5
CVE-2014-5132
MEDIUM
Avolve Software ProjectDox 8.1 - User Enumeration via Email Address
CVSS 4.3
CVE-2014-5131
MEDIUM
Avolve Software ProjectDox 8.1 - Authenticated Exposure of Sensitive Information via Ciphertext Reuse
CVSS 6.5
CVE-2014-5130
MEDIUM
Avolve Software ProjectDox 8.1 - Authenticated Exposure of Sensitive Information via Direct Access Token
CVSS 6.5
CVE-2014-5450
MEDIUM
Zarafa Collaboration Platform 4.1 - Unauthorized Sensitive Information Exposure via World-Readable License File
CVSS 5.5
CVE-2014-4024
MEDIUM
F5 BIG-IP <10.2.4 HF9, <11.2.1 HF12, <11.3.0 HF10, <11.4.0 HF8, <11...
CVSS 5.9
CVE-2014-2885
HIGH
TrueCrypt 7.1a - Integer Overflow in EncryptedIoQueue.c and Ntdriver.c
CVSS 7.1
CVE-2014-2884
LOW
TrueCrypt 7.1a - Local Information Disclosure via IOCTL Calls
CVSS 3.3
CVE-2014-6437
CRITICAL
Aztech DSL5018EN DSL705E DSL705EU - Unauthenticated Sensitive Information Exposure via ROM File
CVSS 9.8
CVE-2014-5004
HIGH
brbackup 0.1.1 - Exposure of Sensitive Information via MySQL Command Line
CVSS 7.8
CVE-2014-5001
HIGH
Ksymfony1.rb <2.1.6 - Info Disclosure
CVSS 7.8
CVE-2014-5000
HIGH
lawn-login <0.0.7 - Info Disclosure
CVSS 7.8
CVE-2014-4999
HIGH
kajam 1.0.3.rc2 - Exposure of Sensitive Information via MySQL Command Line
CVSS 7.8
Details
Vulnerabilities
10,191
Exploit Likelihood
High