CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,195 vulnerabilities with CWE-200
CVE-2014-6064
McAfee Web Gateway 7.3.0-7.3.2.8 and 7.4.x < 7.4.2 - Authenticated Exposure of Hashed User Passwords via Accounts Tab
CVE-2014-5137
Innovative Interfaces Sierra Library Services Platform 1.2_3 - User Enumeration via Login Request Timing
CVE-2014-5076
Labanquepostale < 3.2 - Information Disclosure
CVE-2014-3862
HL7 C-CDA < 1.1 - Information Disclosure via CDA.xsl IMG Element
CVE-2014-5128
iii Encore Discovery Solution 4.3 - Session Token Exposure in URI
CVE-2014-3351
Cisco Cloud Portal - Unauthenticated Exposure of Sensitive Information via NULL Session
CVE-2014-0600
Novell GroupWise - Arbitrary File Read and Write via FileUploadServlet poLibMaintenanceFileSave Parameter
CVE-2014-3575
Redhat Enterprise Linux Desktop < 4.1.1 - Information Disclosure
CVE-2014-3022
IBM WebSphere Application Server 7.0.x-7.0.0.33 8.0.x-8.0.0.9 8.5.x-8.5.5.3 - Information Disclosure via Crafted URL
CVE-2014-0965
IBM WebSphere Application Server 7.0.x-7.0.0.33 8.0.x-8.0.0.9 8.5.x-8.5.5.3 Sensitive Information Exposure
CVE-2014-3562
389 Directory Server - Exposure of Sensitive Replicated Metadata via Directory Search
CVE-2014-4750
IBM PowerVC Express Edition <1.2.0 - Info Disclosure
CVE-2014-2521
EMC Documentum Content Server <7.1 P07 - Info Disclosure
CVE-2014-4615
OpenStack PyCADF <0.5.0, Telemetry <2013.2.4, Neutron <2014.1.2, Ju...
CVE-2014-3341
Cisco NX-OS < 7.0(3)N1(1) - VLAN Enumeration via SNMP Error Message Discrepancy
CVE-2014-3087
IBM Business Process Manager 7.5-8.5.5 - Authenticated XML External Entity Injection via callService.do
CVE-2014-3081
IBM Global Console Manager <1.20.0.22575 Authenticated Arbitrary File Read via prodtest.php
CVE-2014-3508
OpenSSL 0.9.8-0.9.8za 1.0.0-1.0.0m 1.0.1-1.0.1h - Information Exposure via OBJ_obj2txt Pretty Printing
CVE-2014-4746
IBM WebSphere Portal <8.0.0.1 CF13-<8.5.0 CF01 - SSRF
CVE-2014-3076
IBM Business Process Manager 8.5-8.5.5 - Exposure of Sensitive Information via JSP Diagnostic Page
CVE-2014-3853
Pyplate 0.08 - Exposure of Sensitive Information via Insecure Cookie Transmission
CVE-2014-3852
Pyplate 0.08 - Exposure of Sensitive Information via Missing HTTPOnly Flag in Set-Cookie Header
CVE-2014-3851
Pyplate 0.08 - Exposure of Sensitive Information via World-Readable passwd.db
CVE-2014-3517
OpenStack Nova < 2013.2.4 - Instance ID Signature Exposure via Metadata Request Timing
CVE-2014-2356
Innominate mGuard <7.6.4-8.0.3 - Info Disclosure
Details
Vulnerabilities
10,195
Exploit Likelihood
High