CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,194 vulnerabilities with CWE-200
CVE-2014-9593
Apache CloudStack <4.3.2, <4.4.2 - Info Disclosure
CVE-2014-8637
Mozilla Firefox <35.0 & SeaMonkey <2.32 - Info Disclosure
CVE-2014-5233
SIMATIC WinCC Sm@rtClient < 1.0 - Exposure of Sm@rtServer Credentials via Credential-Processing Error
CVE-2014-5231
SIMATIC WinCC Sm@rtClient < 1.0.2 - Unauthenticated Password Exposure via Local Storage
CVE-2014-10026
D-Link DAP-1360 Firmware < 2.5.4 - Unauthenticated Sensitive Information Exposure via client_login Cookie
CVE-2014-10005
Maian Uploader 4.0 - Unauthenticated Sensitive Information Exposure via Missing Height Parameter
CVE-2014-100009
Joomlaskin JS Multi Hotel < 2.2.1 - Unauthenticated Installation Path Exposure via Multiple Scripts
CVE-2014-8035
Cisco WebEx Meetings Server - User Enumeration via Username Existence Check
CVE-2014-8032
Cisco WebEx Meetings Server - Authenticated Sensitive Information Exposure via OutlookAction LI
CVE-2014-9579
VDG Security SENSE <2.3.13 - Info Disclosure
CVE-2014-9577
VDG Security SENSE <2.3.13 - Info Disclosure
CVE-2014-9576
VDG Security SENSE 2.3.13 - Info Disclosure
CVE-2014-4638
EMC Documentum WDK < 6.7 - Exposure of Sensitive Information via Frame Injection
CVE-2014-9506
MantisBT < 1.2.17 - Authenticated Exposure of Sensitive Information via Monitored Issue Email
CVE-2014-1908
VideoWhisper Live Streaming <4.29.5 - Info Disclosure
CVE-2014-6123
IBM Rational and Security AppScan Source - Credential Exposure in Installation Logs
CVE-2014-6229
Facebook HipHop Virtual Machine <3.3.0 - Info Disclosure
CVE-2014-9419
Linux kernel <3.18.1 - Privilege Escalation
CVE-2014-7993
Cisco Meraki MS, MR, MX Firmware < 2014-09-24 - Sensitive Credential Exposure via HTTP Handler
CVE-2014-5215
NetIQ Access Manager 4.x - Authenticated Exposure of Sensitive Information via Monitoring and Debug Endpoints
CVE-2014-8025
Cisco Jabber Guest Server - Exposure of Sensitive Information via HTTP GET/POST Responses
CVE-2014-8024
Cisco Jabber Guest Server - Exposure of Sensitive Information via HTTP Request Sniffing
CVE-2014-8017
Cisco Identity Services Engine Software - Exposure of Sensitive Information via Periodic Backup Feature
CVE-2014-8007
Cisco Prime Infrastructure - Authenticated Exposure of Sensitive Information via Quick Discovery Options Page
CVE-2014-3410
Cisco Adaptive Security Appliance Software - Administrator Password Exposure via Syslog Message
Details
Vulnerabilities
10,194
Exploit Likelihood
High