CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,191 vulnerabilities with CWE-200
CVE-2014-4998 HIGH
lean-ruport 0.3.8 - Info Disclosure
CVSS 7.8
CVE-2014-4997 HIGH
point-cli gem 0.0.1 - Info Disclosure
CVSS 7.8
CVE-2014-4995 HIGH
VladTheEnterprising 0.2 - Info Disclosure
CVSS 7.0
CVE-2014-4993 HIGH
backup-agoddard and backup_checksum - Local Credential Exposure via OpenSSL Command Line
CVSS 7.8
CVE-2014-4992 HIGH
cap-strap 0.1.5 - Exposure of Sensitive Information via Useradd Command Line
CVSS 7.8
CVE-2014-4991 HIGH
codders-dataset <1.3.2.1 - Info Disclosure
CVSS 7.8
CVE-2014-5394 MEDIUM
Huawei S9300/S9300E/S7700/S9700/S5700/S6700/S5300/S6300/S2300/S2700 Username Enumeration via SSH
CVSS 5.9
CVE-2014-3526 HIGH
Apache Wicket < 1.5.12, 6.x < 6.17.0, and 7.x < 7.0.0-M3 - Exposure of Sensitive Information via Page Markup Identifiers
CVSS 7.5
CVE-2014-8491 MEDIUM
Grand Flagallery < 4.24 - Unauthenticated Installation Path Exposure via Gallery PHP Request
CVSS 5.3
CVE-2014-9147 HIGH
Fiyo CMS < 2.0.1.8 - Exposure of Sensitive Information via Database Backup File
CVSS 7.5
CVE-2014-0043 MEDIUM
Apache Wicket <1.5.10,6.13.0 - Info Disclosure
CVSS 5.3
CVE-2014-2029 HIGH
Percona Toolkit <2.1 - Info Disclosure
CVSS 8.1
CVE-2014-8889 MEDIUM
Dropbox SDK for Android <1.6.2 - Info Disclosure
CVSS 5.3
CVE-2014-9616 HIGH
Netsweeper <4.1.2 - Info Disclosure
CVSS 7.5
CVE-2014-8174 CRITICAL
eDeploy < 1.11.0 - Exposure of Sensitive Information via HTTP File Download
CVSS 9.8
CVE-2014-8675 HIGH
soplanning < 1.32 - Exposure of Sensitive Information via ICAL Calendar Link
CVSS 7.5
CVE-2014-9483 HIGH
Emacs 24.4 - Exposure of Sensitive Information to an Unauthorized Actor
CVSS 7.5
CVE-2014-7860 MEDIUM
D-Link DNS-320L < 1.04b12 and DNS-327L < 1.03b04 - Unauthenticated Exposure of Sensitive Information via fb_publish.php
CVSS 5.3
CVE-2014-3462 HIGH
Opensuse Leap < 1.7.5 - Information Disclosure
CVSS 7.5
CVE-2014-9951 MEDIUM
Android TrustZone - Information Exposure Through Timing Discrepancy
CVSS 5.5
CVE-2014-9947 MEDIUM
Android TrustZone - Information Exposure
CVSS 5.5
CVE-2014-9970 HIGH
jasypt < 1.9.2 - Timing Attack via Password Hash Comparison
CVSS 7.5
CVE-2014-9680 LOW
sudo < 1.8.11 - Exposure of Sensitive Information via TZ Environment Variable
CVSS 3.3
CVE-2014-2960 HIGH
Vision Critical before 2014-05-30 - Arbitrary File Read
CVSS 7.5
CVE-2014-1677 HIGH
Technicolor TC7200 - Info Disclosure
CVSS 7.5
Details
Vulnerabilities 10,191
Exploit Likelihood High