CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,195 vulnerabilities with CWE-200
CVE-2014-3621
OpenStack Keystone <2013.2.3/2014.1<2014.1.2.1 Authenticated Sensitive Info Exposure
CVE-2014-4765
IBM Maximo Asset Mgmt <7.5.0.6 - Info Disclosure
CVE-2014-3105
IBM Rational ClearQuest 7.1-8.0.1 - Unauthenticated User Enumeration via OSLC Login Error Messages
CVE-2014-3103
IBM Rational ClearQuest 7.1-8.0.1 - Session Cookie Exposure via Missing Secure Flag
CVE-2014-5320
Bump - Unauthorized Sensitive Information Exposure via Implicit Intent Handling
CVE-2014-4403
Apple OS X <10.9.5 - Info Disclosure
CVE-2014-4826
IBM Security QRadar SIEM <7.2.3 - Info Disclosure
CVE-2014-4819
IBM WebSphere Message Broker <8.0.0.6 & IBM Integration Bus <9.0.0....
CVE-2014-4409
iPhone OS < 7.1.2 - Unauthorized Data Exposure via HTML5 Application Cache
CVE-2014-4407
LOW
Apple tvOS < 6.2 - Unauthorized Memory Content Exposure via IOKit Function Calls
CVSS 3.3
CVE-2014-4362
iPhone OS < 7.1.2 - Unauthorized Apple ID Information Exposure via Sandbox Profile
CVE-2014-4361
iPhone OS < 7.1.2 - Unauthorized Sensitive Information Exposure via Home & Lock Screen API
CVE-2014-4357
Apple tvOS < 6.2 and iPhone OS < 7.1.2 - Unauthorized Sensitive Information Exposure via Log Data
CVE-2014-4356
iPhone OS < 7.1.2 - Unauthorized Sensitive Information Exposure via Lock Screen Text-Message Preview
CVE-2014-3077
IBM Storwize V7000 Unified 1.3.x-1.4.3.3 - Exposure of Sensitive Information in Audit Log
CVE-2014-2377
Ecava IntegraXor SCADA Server <4.1.4360 - Info Disclosure
CVE-2014-2009
mpay24 < 1.5.1 - Unauthenticated Sensitive Information Exposure via Direct Request to API Log
CVE-2014-3092
IBM Rational Doors Next Generation & Rational Engineering Lifecycle Manager - Session Cookie Exposure
CVE-2014-0909
IBM Rational License Key Server 8.1.4.x < 8.1.4.4 - Session Cookie Exposure via Insecure Flag
CVE-2014-0153
oVirt < 3.4.0 - Exposure of Sensitive Information via HTML5 Local Storage
CVE-2014-4863
Arris Touchstone DG950A <7.10.131 - Info Disclosure
CVE-2014-4862
Netmaster CBW700N - Info Disclosure
CVE-2014-5036
Eucalyptus 3.4.2-4.0.x - Exposure of Sensitive Information in Storage Controller Logs
CVE-2014-5377
ManageEngine DeviceExpert < 5.9 - Unauthenticated Exposure of Sensitive Information via ReadUsersFromMasterServlet
CVE-2014-4805
IBM DB2 10.5 - Exposure of Sensitive Information via Temporary Files in CDE Table LOAD Operations
Details
Vulnerabilities
10,195
Exploit Likelihood
High