CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,195 vulnerabilities with CWE-200
CVE-2013-6741
IBM Maximo Asset Management 7.x < 7.1.1.7 and 7.5.x < 7.5.0.5 - Sensitive Information Exposure
CVE-2013-2998
IBM Maximo Asset Management and SmartCloud Control Desk - Sensitive Information Exposure via Invalid action_code
CVE-2013-3984
IBM Sametime 8.x-8.5.2.1 and 9.x-9.0.0.1 - Unauthenticated Sensitive Cookie Exposure via Missing Secure Flag
CVE-2013-3982
IBM Sametime 8.x-8.5.2.1 and 9.x-9.0.0.1 - Unauthenticated Exposure of Sensitive Information via Public Page
CVE-2013-6472
MediaWiki <1.19.10, 1.2x<1.21.4, 1.22.x<1.22.1 - Unauthorized Exposure of Deleted Page Info
CVE-2013-0174
Foreman < 1.0 - Exposure of Sensitive Information via ENC API
CVE-2013-7060
Plone 3.3-4.3.2 - Unauthenticated Installation Path Exposure via FactoryTool File Object
CVE-2013-7373
Android < 4.4 - Exposure of Sensitive Information via OpenSSL PRNG Seeding
CVE-2013-7111
BaseSpace Ruby SDK 0.1.7 - Info Disclosure
CVE-2013-4279
imapsync < 1.564 - Unauthenticated Exposure of Sensitive Information via Release Check
CVE-2013-2086
owncloud_server - Exposure of Sensitive Information via JavaScript File
CVE-2013-4194
Plone 2.1-4.1 4.2.x-4.2.5 4.3.x-4.3.1 - Information Disclosure via WYSIWYG Component Error Message
CVE-2013-6493
IcedTea-Web < 1.4.2 - Local Information Disclosure via Predictable Socket File
CVE-2013-4590
Apache Tomcat <6.0.39, 7.x <7.0.50, 8.x <8.0.0-RC10 - Info Disclosure
CVE-2013-6656
Google Chrome < 33.0.1750.117 - Information Exposure via XSS Auditor POST Request Handling
CVE-2013-6440
OpenSAML < 2.6.1 - XML External Entity Injection via Entity Reference Expansion
CVE-2013-6024
F5 BIG-IP APM 10.x-14.x, BIG-IP Edge Gateway 10.x-11.x, and FirePass 7.0.0 - Sensitive Information Exposure
CVE-2013-7130
OpenStack Compute - Info Disclosure
CVE-2013-2074
kdelibs < 4.10.3 - Credential Exposure via HTTP Error Message
CVE-2013-4739
codeaurora android-msm - Exposure of Sensitive Information via MSM_MCR_IOCTL_EVT_GET or MSM_JPEG_IOCTL_EVT_GET
CVE-2013-4043
IBM SPSS Collaboration and Deployment Services 4.x-4.2.1.2, 5.x-5.0 FP2, 6.x-6.0 - Unauthenticated Arbitrary File Read
CVE-2013-7299
Tntnet < 2.2.1 - Exposure of Sensitive Information via Malformed HTTP Header
CVE-2013-6447
JBoss Seam 2 Framework < 2.3.1 - XML External Entity Injection in Remoting Handlers
CVE-2013-1923
nfs-utils < 1.2.8 - Unauthorized File Access via DNS Spoofing in rpc-gssd
CVE-2013-0157
util-linux - Exposure of Sensitive Information via Directory Existence Error Messages
Details
Vulnerabilities
10,195
Exploit Likelihood
High