CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,195 vulnerabilities with CWE-200
CVE-2014-3801
OpenStack Heat 2013.2-2013.2.3 and 2014.1 - Authenticated Provider Template URL Exposure via Resource-Type-List
CVE-2014-3803
Google Chrome < 35.0.1916.114 - Unauthenticated Exposure of Sensitive Information via SpeechInput Feature
CVE-2014-2199
Cisco WebEx Suite 27-29 & Meetings Server <1.5(.1.131) - Sensitive Meeting Info Exposure
CVE-2014-3787
SAP NetWeaver < 7.20 - Unauthenticated Exposure of Sensitive Information via SAP CUA Tables
CVE-2014-1808
Microsoft Office <2013 - Info Disclosure
CVE-2014-0521
Adobe Reader and Acrobat 10.x < 10.1.10 and 11.x < 11.0.07 - Information Disclosure via JavaScript API
CVE-2014-3242
SOAPpy 0.12.5 - XML External Entity Injection via SOAP Request
CVE-2014-2301
OrbiTeam BSCW <5.0.8 - Info Disclosure
CVE-2014-1738
Linux kernel <3.14.3 - Info Disclosure
CVE-2014-0946
IBM Operational Decision Manager 7.5-8.5 - Exposure of Sensitive Information via RES Console Cache-Control Headers
CVE-2014-0134
OpenStack Compute (Nova) <2013.2.3-2014.1 - Info Disclosure
CVE-2014-2347
Amtelco miSecureMessages <6.2 - Info Disclosure
CVE-2014-0896
IBM WebSphere Application Server Liberty Profile 8.5.x - Exposure of Sensitive Information via Crafted Request
CVE-2014-0823
IBM WebSphere Application Server 8.x < 8.0.0.9 and 8.5.x < 8.5.5.2 - Arbitrary File Read via Crafted URL
CVE-2014-0857
IBM WebSphere Application Server 8.x < 8.0.0.9 and 8.5.x < 8.5.5.2 - Authenticated Sensitive Information Exposure
CVE-2014-0786
Ecava IntegraXor < 4.1.4393 - Unauthenticated Cleartext Credential Exposure via SELECT Statements
CVE-2014-3129
SAP NetWeaver Software Lifecycle Manager - Exposure of Sensitive Information via Java Server Pages
CVE-2014-2545
TIBCO Slingshot < 1.9.0 - Exposure of Sensitive Information via Crafted HTTP Request
CVE-2014-2185
Cisco Unified Communications Manager - Info Disclosure
CVE-2014-2383
dompdf < 0.6.1 - Arbitrary File Read via PHP Wrapper in input_file Parameter
CVE-2014-2392
Open-Xchange AppSuite <7.4.2 - Info Disclosure
CVE-2014-2391
Open-Xchange AppSuite < 7.2.2 - Exposure of Sensitive Information via Password Recovery Service
CVE-2014-0892
IBM Notes and Domino 8.5.x-8.5.3 FP6 IF3 and 9.x-9.0.1 FP1 - Remote Code Execution via Missing NX Protection
CVE-2014-2983
Drupal 6.x < 6.31 and 7.x < 7.27 - Unauthenticated Exposure of Sensitive Information via Cached Form Data
CVE-2014-1322
macOS < 10.9.2 - Unprotected Kernel Pointer Exposure via XNU Object Attribute
Details
Vulnerabilities
10,195
Exploit Likelihood
High