CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,194 vulnerabilities with CWE-200
CVE-2014-5094
status2k - Unauthenticated Sensitive Information Exposure via phpinfo Action
CVE-2014-4440
Apple OS X <10.10 - Info Disclosure
CVE-2014-4439
Mail in Apple OS X <10.10 - Info Disclosure
CVE-2014-4426
Apple OS X <10.10 - Info Disclosure
CVE-2014-2064
Jenkins <1.551, <1.532.2 - Info Disclosure
CVE-2014-8315
SAP BusinessObjects Explorer 14.0.5 - Port Scanning via polestar_xml.jsp cms Parameter
CVE-2014-8309
SAP BusinessObjects 4.0 and XI R2/R3.1 - Username Enumeration via SecEnterprise Authentication Timing
CVE-2014-3680
Jenkins < 1.583 and LTS < 1.565.3 - Authenticated Sensitive Information Exposure via Parameterized Job DOM
CVE-2014-3667
Redhat Openshift < 3.1 - Information Disclosure
CVE-2014-3662
Jenkins < 1.583 and LTS < 1.565.3 - User Enumeration via Login Attempts
CVE-2014-1830
Requests <2.3.0 - Info Disclosure
CVE-2014-1829
Requests <2.3.0 - Info Disclosure
CVE-2014-1580
Mozilla Firefox <33.0 - Info Disclosure
CVE-2014-7284
Linux kernel 3.13.x-3.14.x - Info Disclosure
CVE-2014-1571
Bugzilla < 4.0.15, 4.1.x-4.2.x < 4.2.11, 4.3.x-4.4.x < 4.4.6, 4.5.x < 4.5.6 - Sensitive Info Exposure
CVE-2014-4874
BMC Track-It! 11.3.0.355 - Info Disclosure
CVE-2014-4761
IBM WebSphere Portal - Info Disclosure
CVE-2014-5270
Libgcrypt < 1.5.4 - Side-Channel Key Extraction via Voltage Analysis
CVE-2014-8068
Adobe Digital Editions 4 - Unencrypted Sensitive Data Transmission
CVE-2014-7231
OpenStack <2013.2.4 & <2014.1.3 - Info Disclosure
CVE-2014-7230
OpenStack <2013.2.4 & <2014.1.3 - Info Disclosure
CVE-2014-3641
OpenStack Cinder < 2014.1.3 - Authenticated Sensitive Information Exposure via Crafted qcow2 Header
CVE-2014-3400
Cisco WebEx Meetings Server - Authenticated Sensitive Information Exposure via Log Reading
CVE-2014-3398
Cisco Adaptive Security Appliance Software - Sensitive Information Exposure via SSL VPN Verbose Response
CVE-2014-3621
OpenStack Keystone <2013.2.3/2014.1<2014.1.2.1 Authenticated Sensitive Info Exposure
Details
Vulnerabilities
10,194
Exploit Likelihood
High