CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,191 vulnerabilities with CWE-200
CVE-2014-9692 HIGH
Huawei Tecal RH Series Firmware - Exposure of Sensitive Information via RMCP+ Session ID
CVSS 7.5
CVE-2014-9691 MEDIUM
Huawei Tecal RH and XH Series Firmware - Exposure of Sensitive Information via Online Users Page
CVSS 6.5
CVE-2014-8570 MEDIUM
Huawei VRP MPLS LSP Ping Unintended Interface Exposure of Device IP Addresses
CVSS 5.3
CVE-2014-8723 MEDIUM
GetSimple CMS 3.3.4 - Info Disclosure
CVSS 5.3
CVE-2014-8722 HIGH
GetSimple CMS 3.3.4 - Info Disclosure
CVSS 7.5
CVE-2014-8706 MEDIUM
Pluck CMS 4.7.2 - Sensitive Information Exposure via Session and Image Parameter Manipulation
CVSS 5.3
CVE-2014-8702 MEDIUM
Wonder CMS 2014 - Info Disclosure
CVSS 5.3
CVE-2014-8701 HIGH
Wonder CMS 2014 - Info Disclosure
CVSS 7.5
CVE-2014-8688 HIGH
Telegram Messenger <2.6-1.8.2 - Info Disclosure
CVSS 7.5
CVE-2014-9900 MEDIUM
Linux Kernel < 4.7 and Android < 6.0.1 - Information Disclosure in ethtool_get_wol
CVSS 5.5
CVE-2014-9899 MEDIUM
Android < 6.0.1 - Information Disclosure via USB Host Driver
CVSS 5.5
CVE-2014-9898 MEDIUM
Android < 6.0.1 - Information Disclosure via USF Driver Input Validation
CVSS 5.5
CVE-2014-9897 MEDIUM
Android < 6.0.1 - Information Disclosure in Qualcomm LSM Client
CVSS 5.5
CVE-2014-9896 MEDIUM
Android < 6.0.1 - Information Disclosure in Qualcomm ADSPRPC Driver
CVSS 5.5
CVE-2014-9895 MEDIUM
Linux Kernel < 3.11 and Android < 6.0.1 - Information Exposure via Uninitialized Data Structures
CVSS 5.5
CVE-2014-9894 MEDIUM
Android < 6.0.1 - Information Exposure via QSEECOM Driver Name String Handling
CVSS 5.5
CVE-2014-9893 MEDIUM
Android < 6.0.1 - Information Disclosure via Gamut LUT Data Size Mismatch
CVSS 5.5
CVE-2014-9892 MEDIUM
Android < 6.0.1 and Linux Kernel < 4.7 - Information Exposure via Uninitialized Timestamp
CVSS 5.5
CVE-2014-9903 MEDIUM
Linux Kernel 3.14-rc before 3.14-rc4 - Information Disclosure via sched_getattr System Call
CVSS 5.5
CVE-2014-9759 MEDIUM
MantisBT 1.3.x - Exposure of Sensitive Information via SOAP API Request
CVSS 5.3
CVE-2014-4876 LOW
Toshiba 4690 OS 6 R3 - Info Disclosure
CVSS 3.7
CVE-2014-8450
Adobe Acrobat/Reader Sensitive Information Exposure (10.x < 10.1.15, 11.x < 11.0.12, DC < 2015.006.30060/2015.008.20082)
CVE-2014-4875
Toshiba CHEC <6.6.4014 and <6.7.4329 - Info Disclosure
CVE-2014-8607
XCloner 3.1.1 and 3.5.1 - Exposure of Sensitive Information via Command Line Arguments
CVE-2014-8604
XCloner 3.1.1 and 3.5.1 - Unauthenticated Exposure of MySQL Password in Configuration Panel
Details
Vulnerabilities 10,191
Exploit Likelihood High