CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,195 vulnerabilities with CWE-200
CVE-2014-1931
Visibility Software Cyber Recruiter <8.1.00 - Info Disclosure
CVE-2014-1930
Visibility Software Cyber Recruiter <8.1.00 - Info Disclosure
CVE-2014-0815
Opera Browser < 18 - Unauthenticated Exposure of Sensitive Information via Intent URL
CVE-2014-1484
Firefox < 27.0 - Sensitive Information Exposure via Android System Log
CVE-2014-1664
Citrix GoToMeeting <5.0.799.1238 - Info Disclosure
CVE-2014-0006
OpenStack Swift <1.8.0, <1.10.0, <1.11.0 - Info Disclosure
CVE-2014-0806
Sleipnir Mobile < 2.12.1 - Unauthenticated Exposure of Sensitive Location Information via Geolocation API
CVE-2014-1637
Command School Student Management System <1.06.01 - Info Disclosure
CVE-2014-1234
paratrooper-newrelic 1.0.1 - Exposure of Sensitive Information via Process Listing
CVE-2014-1233
paratrooper-pingdom - Exposure of Sensitive Information via Process Listing
CVE-2013-10030 MEDIUM
Exit Box Lite Plugin <1.10 - Info Disclosure
CVSS 4.3
CVE-2013-10024 LOW
Exit Strategy Plugin 1.55 - Info Disclosure
CVSS 3.5
CVE-2013-10007 MEDIUM
ethitter WP-Print-Friendly <0.5.2 - Info Disclosure
CVSS 5.3
CVE-2013-3587 MEDIUM
F5 BIG-IP - Exposure of Sensitive Information via BREACH Attack
CVSS 5.9
CVE-2013-4088 MEDIUM
OTRS 3.0.0-3.0.20 - Authenticated Exposure of Sensitive Information via Ticket Split Mechanism
CVSS 6.5
CVE-2013-3551 MEDIUM
OTRS 3.0.x < 3.0.20, 3.1.x < 3.1.16, 3.2.x < 3.2.7 & OTRS ITSM Sensitive Info Exposure via Ticket Split
CVSS 6.5
CVE-2013-5687 HIGH
RiskNet Acquirer - Information Disclosure in ApplicationServiceBean
CVSS 7.5
CVE-2013-6681 MEDIUM
Tube Map Live Underground < 3.0.22 - Information Disclosure
CVSS 5.9
CVE-2013-0192 MEDIUM
Simple Machines Forum <= 2.0.3 - Authenticated File Disclosure via Admin Interface
CVSS 4.9
CVE-2013-3564 MEDIUM
VLC media player < 2.0.7 - Unauthenticated Exposure of Sensitive Information via Web Interface
CVSS 5.3
CVE-2013-2683 MEDIUM
Cisco Linksys E4200 <1.0.05 - Info Disclosure
CVSS 5.3
CVE-2013-4166 HIGH
GNOME Evolution < 3.8.4 & Evolution Data Server < 3.9.5 - Sensitive Info Exposure via GPG Key
CVSS 7.5
CVE-2013-2676 HIGH
Brother MFC-9970CDW <1.10 - Info Disclosure
CVSS 7.5
CVE-2013-2674 HIGH
Brother MFC-9970CDW <1.10 - Info Disclosure
CVSS 7.5
CVE-2013-2631 MEDIUM
TinyWebGallery <1.8.9 - Info Disclosure
CVSS 5.3
Details
Vulnerabilities 10,195
Exploit Likelihood High