CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,194 vulnerabilities with CWE-200
CVE-2014-7259
SQUARE ENIX Co., Ltd. Kaku-San-Sei Million Arthur <2.25 - Privilege...
CVE-2014-7243
LG Electronics Mobile WiFi < - Info Disclosure
CVE-2014-4702
Nagios Plugins <2.0.2 - Info Disclosure
CVE-2014-4701
Nagios Plugins <2.0.2 - Info Disclosure
CVE-2014-3561
Red Hat Enterprise Virtualization 3.4 - Exposure of Sensitive Information via rhevm-log-collector Command Line
CVE-2014-9018
icecast < 2.4.1 - Exposure of Sensitive Information via on-connect Script Output
CVE-2014-8775
MODX Revolution <2.2.15 - Info Disclosure
CVE-2014-9177
HTML5 MP3 Player <2.7 - Info Disclosure
CVE-2014-8874
TYPO3 ke_questionnaire <2.5.2 - Info Disclosure
CVE-2014-8788
GleamTech FileVista <6.1 - Info Disclosure
CVE-2014-9156
FileField module <6.x-3.13 - Info Disclosure
CVE-2014-9154
Drupal Notify module <7.x-1.1 - Info Disclosure
CVE-2014-8425
ARRIS VAP2500 Firmware < 08.41 - Unauthenticated Exposure of Sensitive Information via Configuration Files
CVE-2014-6075
IBM QRadar SIEM, QRadar Risk Manager, and QRadar Vulnerability Manager - Credentials Exposure in URLs
CVE-2014-4832
IBM Security QRadar SIEM & QRadar Risk Manager <7.1 MR2 - Info Disc...
CVE-2014-8552
SIMATIC WinCC 7.0-7.3, PCS 7 7.1-8.1, TIA Portal 13 - Unauthenticated Arbitrary File Read
CVE-2014-8678
ManageEngine OpUtils <build 71024 - Info Disclosure
CVE-2014-7848
Moodle < 2.4.11 and 2.6.0-2.6.6 - Sensitive Information Exposure via Direct Request to bootstrap.php
CVE-2014-7833
Moodle < 2.4.11, 2.5.x < 2.5.9, 2.6.x < 2.6.6, 2.7.x < 2.7.3 - Sensitive Information Exposure
CVE-2014-7831
Moodle 2.7.0-2.7.2 - Authenticated Sensitive Information Exposure via get_grades Web Service
CVE-2014-5325
Direct Web Remoting < 2.0.10 and 3.x < 3.0.RC2 - XML External Entity Injection via DOM Converter
CVE-2014-6477
Oracle Database Server <12.1 - Confidentiality
CVE-2014-7195
TIBCO Spotfire <6.0.2-6.5.2 - Info Disclosure
CVE-2014-9025
Drupal Commerce <7.x-1.10 - Info Disclosure
CVE-2014-6624
Aruba Networks ClearPass <6.3.6, <6.4.1 - Info Disclosure
Details
Vulnerabilities 10,194
Exploit Likelihood High