CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,195 vulnerabilities with CWE-200
CVE-2013-6330
IBM WebSphere Application Server 7.x < 7.0.0.31 - Authenticated Sensitive Information Exposure via Static File Caching
CVE-2013-3713
openSUSE 13.1 KDE aaa_base < 16.26.1 - Unauthorized Information Exposure via Root User in Users Group
CVE-2013-7281
Linux kernel <3.12.4 - Info Disclosure
CVE-2013-6480
Apache Libcloud 0.12.3-0.13.2 - Exposure of Sensitive Information via DigitalOcean Destroy API
CVE-2013-6419
OpenStack Havana < 2013.2.1 - Exposure of Sensitive Metadata via Spoofed Device ID
CVE-2013-6953
BlogEngine.NET < 2.8 - Unauthenticated Exposure of Sensitive Information via sioc.axd Request
CVE-2013-7249
Fat Free CRM <0.12.1 - Info Disclosure
CVE-2013-7224
Fat Free CRM <0.12.1 - Info Disclosure
CVE-2013-6978
Cisco Unified Communications Manager < 9.1(1) - Authenticated Sensitive Information Exposure via DRS HTML Source
CVE-2013-4070
IBM SPSS Collaboration and Deployment Services 4.2.1-4.2.1.3 IF3 and 5.0-FP3 - Password Exposure
CVE-2013-4069
IBM SPSS Collaboration and Deployment Services 4.2.1-5.0 - XML External Entity Injection in Portal Application
CVE-2013-4044
IBM SPSS Collaboration and Deployment Services 4.2.1-5.0 - Sensitive Information Exposure via Direct HTTP Request
CVE-2013-5452
IBM FileNet Business Process Framework 4.1.0 - SSRF
CVE-2013-5422
IBM Rational ClearQuest <8.0.0.9 - Info Disclosure
CVE-2013-7005
D-Link DSR-150/250/500/1000 Firmware - Cleartext Password Storage in Configuration File
CVE-2013-4775
NETGEAR ProSafe Firmware - Sensitive Information Exposure via Direct Request
CVE-2013-5440
IBM InfoSphere Information Server <9.1 - Info Disclosure
CVE-2013-6973
Cisco WebEx Training Center - Exposure of Sensitive Information via Crafted URL
CVE-2013-6972
Cisco WebEx Training Center - Unauthenticated Session Number Exposure via HTML Source Code
CVE-2013-6970
Cisco WebEx Meeting Center - Information Exposure via Verbose Error Messages
CVE-2013-6968
Cisco WebEx Training Center - Unauthenticated User Enumeration via Registration Error Messages
CVE-2013-6709
Cisco WebEx Training Center - Unauthorized Audio Conference Access via Registration URL
CVE-2013-4569
MediaWiki <1.19.9, <1.20.x-1.20.8, <1.21.x-1.21.3 - Info Disclosure
CVE-2013-6052
OpenJPEG < 1.3 - Heap-Based Out-of-Bounds Read
CVE-2013-6672
Opensuse < 26.0 - Information Disclosure
Details
Vulnerabilities
10,195
Exploit Likelihood
High