CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,195 vulnerabilities with CWE-200
CVE-2013-0589 HIGH
IBM iNotes <8.5.3 FP6, <9.0.1 - Info Disclosure
CVSS 7.5
CVE-2013-3023 HIGH
IBM Tivoli Application Dependency Discovery Manager < 7.2.1.4 - Information Disclosure
CVSS 8.1
CVE-2013-3018 MEDIUM
IBM Tivoli Application Dependency Discovery Manager - Info Disclosure
CVSS 5.3
CVE-2013-4209 LOW
Automatic Bug Reporting Tool < 2.1.6 - Exposure of Sensitive Information via sha1sums
CVSS 3.3
CVE-2013-4317 MEDIUM
Apache CloudStack 4.1.0-4.1.1 - Unauthorized Exposure of Sensitive Information via listProjectAccounts API
CVSS 4.3
CVE-2013-7435 MEDIUM
Evergreen <2.5.9, <2.6.7, <2.7.4 - Info Disclosure
CVSS 6.5
CVE-2013-7400 HIGH
Direct Mail <3.1.2 - Info Disclosure
CVSS 7.5
CVE-2013-7431 MEDIUM
Googlemaps plugin <3.1 - Info Disclosure
CVSS 5.3
CVE-2013-5653 MEDIUM
AFPL Ghostscript - Exposure of Sensitive Information via Crafted PostScript File
CVSS 5.5
CVE-2013-7458 LOW
Redis < 3.2.3 - Exposure of Sensitive Information via World-Readable .rediscli_history File
CVSS 3.3
CVE-2013-7444
MediaWiki <1.22.0 - Info Disclosure
CVE-2013-6892
WebSVN 2.3.3 - Authenticated Arbitrary File Read via Symlink Attack
CVE-2013-6241
Open-Xchange AppSuite 7.2.x < 7.2.2-rev25 and 7.4.x < 7.4.0-rev14 - Sensitive Information Exposure via Birthday Widget
CVE-2013-6043
Softaculous Webuzo < 2.1.4 - Username Enumeration via Login Error Messages
CVE-2013-0347
webfs - Unprotected Sensitive Information Exposure via World-Readable Log File
CVE-2013-3737
Request Tracker MobileUI < 1.04 - Unauthorized Session Reuse and Sensitive Information Exposure
CVE-2013-7329
CGI::Application <4.50_50-4.50_51 - Info Disclosure
CVE-2013-6496
Red Hat Conga 0.12.2 - Exposure of Sensitive Information via Luci Extension Requests
CVE-2013-5423
IBM Flex System Manager <1.3.2.0 - Info Disclosure
CVE-2013-5760
QNAP Photo Station < 4.0.3 - Unauthenticated Exposure of Sensitive Information via list.php
CVE-2013-4728
DDSN cm3 Acora CMS - Exposure of Sensitive Information via 'l' Parameter Path Traversal
CVE-2013-4727
DDSN Interactive cm3 Acora CMS - Info Disclosure
CVE-2013-4725
DDSN Interactive cm3 Acora CMS 6.0.6/1a-5.5.7/12b - Info Disclosure
CVE-2013-4724
DDSN Interactive cm3 Acora CMS 6.0.6/1a-5.5.7/12b - Info Disclosure
CVE-2013-1818
MediaWiki < 1.20.3 - Unauthenticated Arbitrary File Read via mwdoc-filter.php
Details
Vulnerabilities 10,195
Exploit Likelihood High