CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,195 vulnerabilities with CWE-200
CVE-2014-1320
Apple iOS < 7.1.1, OS X <= 10.9.2, and tvOS < 6.1.1 - ASLR Bypass via IOKit Kernel Pointer Exposure
CVE-2014-2719
ASUS RT Series Firmware - Authenticated Administrator Credential Exposure via Advanced_System_Content.asp
CVE-2014-0778
Progea Movicon - Unauthenticated Sensitive Information Exposure via TCPUploader Port 10651
CVE-2014-0644
EMC Cloud Tiering Appliance 10-SP1 - XML External Entity Injection via API Login Request
CVE-2014-2873
CommonSpot Content Server < 7.0.2 and 8.x < 8.0.3 - Unauthenticated Sensitive Information Exposure via Log File Access
CVE-2014-2872
CommonSpot Content Server < 7.0.2 and 8.x < 8.0.3 - Information Exposure via Directory Listing
CVE-2014-2871
CommonSpot Content Server < 7.0.2 and 8.x < 8.0.3 - Sensitive Information Exposure via Session Sniffing
CVE-2014-2869
CommonSpot Content Server < 7.0.2 and 8.x < 8.0.3 - Exposure of Sensitive Information via URI Requests
CVE-2014-0772
Advantech WebAccess < 7.1 - Exposure of Sensitive Information via OpenUrlToBufferTimeout Method
CVE-2014-0771
Advantech WebAccess < 7.1 - Exposure of Sensitive Information via OpenUrlToBuffer Method
CVE-2014-2749
SAP HANA - Exposure of Sensitive Information via Malformed HTTP GET Request
CVE-2014-1515
Firefox < 28.0 - Exposure of Sensitive Information via file: URL Processing
CVE-2014-2567
Trojita < 0.4.1 - Unauthenticated Exposure of Sensitive Information via PREAUTH Response
CVE-2014-0708
Cisco WebEx Meeting Center - Information Exposure via URL Composition
CVE-2014-1505
HIGH
Firefox < 28.0 - Information Exposure via SVG Filter Timing Attack
CVSS 7.5
CVE-2014-1274
iPhone OS < 7.0.6 - Unauthenticated Sensitive Information Exposure via FaceTime Lock Screen
CVE-2014-0504
Adobe Flash Player <11.7.700.272-12.0.0.77 - Info Disclosure
CVE-2014-0323
Microsoft Windows - Info Disclosure
CVE-2014-2264
Synology DSM 4.3-3810 - Info Disclosure
CVE-2014-2038
Linux kernel <3.13.3 - Info Disclosure
CVE-2014-1690
Linux kernel <3.12.8 - Info Disclosure
CVE-2014-0746
Cisco Unified Contact Center Express Editor - Authenticated Sensitive Info Exposure via DRS HTML
CVE-2014-1962
SAP CRM 7.02 EHP 2 - Info Disclosure
CVE-2014-0293
Microsoft Internet Explorer <11 - Info Disclosure
CVE-2014-0266
Microsoft XML Core Services - Info Disclosure
Details
Vulnerabilities
10,195
Exploit Likelihood
High