CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,194 vulnerabilities with CWE-200
CVE-2014-8665
SAP Business Intelligence Development Workbench - Info Disclosure
CVE-2014-2374
AXN-NET Ethernet module accessory 3.04 - Info Disclosure
CVE-2014-6130
IBM Notes Traveler < 9.0.1.2 - Exposure of Sensitive Information via HTTP Session Selection
CVE-2014-4974
ESET Personal Firewall <Build 1212 - Info Disclosure
CVE-2014-4311
Epicor Enterprise <7.4 - Info Disclosure
CVE-2014-3615
QEMU < 2.1.3 - Unauthorized Memory Read via High-Resolution Display Setting
CVE-2014-8244
Linksys SMART WiFi Firmware - Exposure of Sensitive Information via JNAP HTTP Request
CVE-2014-8082
TestLink < 1.9.12 - Path Disclosure via Database Error Message
CVE-2014-8537
McAfee Network Data Loss Prevention < 9.2.2 - Unauthorized Sensitive Information Exposure via Log Files
CVE-2014-8536
McAfee Network Data Loss Prevention < 9.2.2 - Unauthorized Sensitive Information Exposure via Error Messages
CVE-2014-8528
McAfee Network Data Loss Prevention < 9.3 - Exposure of Sensitive Information via Audit Log
CVE-2014-8526
McAfee Network Data Loss Prevention < 9.3 - Unauthorized Sensitive Information Exposure via Java Stack Trace
CVE-2014-8525
McAfee Network Data Loss Prevention < 9.3 - Session Cookie Exposure via Missing HTTPOnly Flag
CVE-2014-8524
McAfee Network Data Loss Prevention < 9.3 - Unauthenticated Exposure of Sensitive Information via Autocomplete
CVE-2014-8520
McAfee Network Data Loss Prevention < 9.3 - Exposure of Sensitive Information via Open Network Ports
CVE-2014-3698
Pidgin < 2.10.10 - Information Disclosure via Crafted XMPP Message
CVE-2014-4821
IBM WebSphere Portal <8.5.0 - Info Disclosure
CVE-2014-4812
IBM Security AppScan Source <9.0.1 - Info Disclosure
CVE-2014-4620
EMC NetWorker Module for MEDITECH <3.0 build 90 - Info Disclosure
CVE-2014-4766
IBM Sametime Classic Meeting Server <8.5.x - Info Disclosure
CVE-2014-8762
DokuWiki <2014-05-05a - Info Disclosure
CVE-2014-8761
DokuWiki <2014-05-05a - Info Disclosure
CVE-2014-5449
Zarafa WebAccess and WebApp - Exposure of Sensitive Information via World-Readable Temporary Files
CVE-2014-5448
Zarafa 5.00 - Unauthorized Sensitive Information Exposure via World-Readable Log Files
CVE-2014-5447
Zarafa WebApp 1.6 beta - Exposure of Sensitive Information via Weak config.php Permissions
Details
Vulnerabilities 10,194
Exploit Likelihood High