CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,195 vulnerabilities with CWE-200
CVE-2013-5054
Microsoft Office 2013-2013 RT - Info Disclosure
CVE-2013-6237
ISL Desktop Plugin < 1.4.7 for ISL Light <= 3.5.4 - Authenticated Information Disclosure via Clipboard Pasting
CVE-2013-6791
Microsoft Enhanced Mitigation Experience Toolkit < 4.0 - ASLR Bypass via Predictable Hooked Function Addresses
CVE-2013-4617
Jahia xCM < 6.6.1 - Unauthenticated Sensitive Information Exposure via JSESSIONID Cookie
CVE-2013-4522
Moodle <2.2.11, <2.3.10, <2.4.7, <2.5.3 - Info Disclosure
CVE-2013-6868
SAP Sybase ASE 15.0.3-15.7 SP100 Sensitive Information Exposure
CVE-2013-6832
FreeBSD < 10.0 - Unauthorized Sensitive Information Exposure via nand_ioctl
CVE-2013-5995
LOCKON EC-CUBE 2.12.3-2.13.0 - Authenticated Exposure of Sensitive Information via Address Helper
CVE-2013-5994
LOCKON EC-CUBE 2.11.2-2.13.0 - Exposure of Sensitive Information via Direct Request to LC_Page_Mypage_DeliveryAddr.php
CVE-2013-5991
LOCKON EC-CUBE 2.11.0-2.11.5 - Exposure of Sensitive Information via Error-Log Output
CVE-2013-6629
Google Chrome < 31.0.1650.48 - Information Disclosure
CVE-2013-5454
IBM WebSphere Portal - Info Disclosure
CVE-2013-2061
OpenVPN < 2.3.0 - Information Exposure via Timing Attack on HMAC Comparison
CVE-2013-5453
IBM Security AppScan Enterprise <8.7.0.1 - Info Disclosure
CVE-2013-6789
SilverStripe 3.0.3 - Exposure of Sensitive Information via GET Request Credentials
CVE-2013-3909
Microsoft Internet Explorer 6-8 - Information Disclosure via CSS Token Sequence
CVE-2013-3908
Microsoft Internet Explorer 6-10 - Information Disclosure via Print Preview
CVE-2013-3905
Microsoft Outlook 2007 SP3, 2010 SP1/SP2, 2013 - Sensitive Information Exposure via S/MIME Certificate Metadata
CVE-2013-3887
Microsoft Windows - Kernel Memory Information Disclosure via AFD Driver
CVE-2013-4516
Linux kernel <3.12 - Info Disclosure
CVE-2013-4515
Linux kernel <3.12 - Info Disclosure
CVE-2013-6014
CRITICAL
Juniper Junos <=13.2R1 - Unauthenticated ARP Poisoning and Sensitive Information Exposure via Proxy ARP
CVSS 9.3
CVE-2013-6285
Tyler Technologies TaxWeb 3.13.3.1 - Exposure of Sensitive Information via Search Component
CVE-2013-6020
Tyler Technologies TaxWeb 3.13.3.1 - User Enumeration via Password Recovery Status Code
CVE-2013-4301
MediaWiki <1.19.8, <1.20.7, <1.21.2 - Sensitive Information Exposure via Lang Parameter
Details
Vulnerabilities
10,195
Exploit Likelihood
High