CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,195 vulnerabilities with CWE-200
CVE-2013-2624 MEDIUM
telaen < 1.3.1 - Exposure of Sensitive Information via Crafted URL Request
CVSS 5.3
CVE-2013-4187 MEDIUM
Flippy 7.x-1.0-7.x-1.1 - Authenticated Exposure of Sensitive Information via Node Access Bypass
CVSS 6.5
CVE-2013-1631 MEDIUM
Veraxsystems Network Management System - Information Disclosure
CVSS 5.3
CVE-2013-0291 HIGH
NextGEN Gallery Plugin for WordPress 1.9.10-1.9.11 - Path Disclosure
CVSS 7.5
CVE-2013-1602 HIGH
D-Link DCS-3411 and Multiple Camera Firmware - Unauthenticated Information Disclosure via RTSP Session Cookie
CVSS 7.5
CVE-2013-1601 MEDIUM
D-Link DCS and WCS Firmware - Unauthenticated Information Disclosure via lums.cgi
CVSS 5.3
CVE-2013-6455 MEDIUM
MediaWiki CentralAuth < 1.19.10, 1.2x < 1.21.4, 1.22.x < 1.22.1 - Unauthenticated Username Exposure via DOM Injection
CVSS 5.3
CVE-2013-2499 HIGH
SimpleHRM < 2.3 - Unauthenticated Authentication Bypass via Cookie Spoofing
CVSS 7.5
CVE-2013-1594 HIGH
Vivotek PT7135 Firmware 0300a/0400a - Cleartext Credential Storage Exposes Sensitive Information
CVSS 7.5
CVE-2013-4176 MEDIUM
mysecureshell 1.31 - Local Information Disclosure
CVSS 5.5
CVE-2013-4868 MEDIUM
Karotz API <12.07.19.00 - Info Disclosure
CVSS 5.3
CVE-2013-3314 HIGH
Loftek Nexus 543 Firmware - Unauthenticated Sensitive Information Exposure via get_realip.cgi and get_status.cgi
CVSS 7.5
CVE-2013-1817 HIGH
MediaWiki < 1.19.4 and 1.20.x < 1.20.3 - Information Disclosure via api.php
CVSS 7.5
CVE-2013-7089 HIGH
ClamAV < 0.97.7 - Information Exposure via dbg_printhex
CVSS 7.5
CVE-2013-3070 HIGH
Netgear WNDR4700 <1.0.0.34 - Info Disclosure
CVSS 7.5
CVE-2013-4110 MEDIUM
Cryptocat - Unauthorized Exposure of Chat Participant User List
CVSS 5.3
CVE-2013-4105 HIGH
Cryptocat < 2.0.22 - Multiparty Encryption Scheme Information Disclosure
CVSS 7.5
CVE-2013-2262 HIGH
Cryptocat < 2.0.22 - Information Disclosure
CVSS 7.5
CVE-2013-2261 HIGH
Cryptocat < 2.0.22 - Information Disclosure via img/keygen.gif
CVSS 7.5
CVE-2013-4518 MEDIUM
Red Hat Update Infrastructure 2.1.3 - Unauthorized Exposure of PKI Entitlement Certificates
CVSS 5.5
CVE-2013-2600 HIGH
miniupnpd - Exposure of Sensitive Information via snprintf()
CVSS 7.5
CVE-2013-4856 MEDIUM
D-Link DIR-865L Firmware - Exposure of Sensitive Information
CVSS 6.5
CVE-2013-7203 MEDIUM
Gitolite <fa06a34 - Info Disclosure
CVSS 5.5
CVE-2013-0522 HIGH
IBM Notes 8.0-9.0 - Unauthorized Password Exposure via Single Logon Feature
CVSS 7.0
CVE-2013-0570 MEDIUM
IBM Network Operating System - Exposure of Sensitive Information via FCoE Data Frame Flooding
CVSS 5.3
Details
Vulnerabilities 10,195
Exploit Likelihood High