CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,195 vulnerabilities with CWE-200
CVE-2013-5130
Apple Safari <6.1 - Info Disclosure
CVE-2013-4299
Linux Kernel < 3.11.6 - Authenticated Sensitive Information Exposure via Snapshot Block Device Mapping
CVE-2013-5183
Apple Mac OS X <10.9 - Info Disclosure
CVE-2013-5136
Apple Remote Desktop <3.7 - Info Disclosure
CVE-2013-4295
Apache Shindig 2.5.0-beta1-2.5.0 - XML External Entity Injection in Gadget Renderer
CVE-2013-4368
Xen < 4.3.0 - Unauthorized Sensitive Information Exposure via Uninitialized Segment Base
CVE-2013-4832
HP Service Manager <9.33 - Info Disclosure
CVE-2013-4826
HP Intelligent Management Center Exposure of Sensitive Information
CVE-2013-5008
Symantec Management Platform <7.1 SP2 Mp1.1v7 - Info Disclosure/DoS
CVE-2013-4829
HP LaserJet and Color LaserJet - Unauthorized Document Image Access
CVE-2013-0693
ENEA OSE < 1.20 - Unauthenticated Sensitive Information Exposure via Network Beacon Broadcasts
CVE-2013-2013
python-keystoneclient < 0.2.4 - Exposure of Sensitive Information via Command Line Argument
CVE-2013-4361
Xen 3.3.x-4.3.x - Information Disclosure via fbld Instruction Emulation
CVE-2013-4355
Xen < 4.3.0 - Unauthorized Memory Access via HVM Guest Operations
CVE-2013-5380
IBM Maximo Asset Mgmt <7.5.0.5 - Info Disclosure
CVE-2013-3972
IBM Maximo Asset Management 7.1-7.1.1.12 and 7.5-7.5.0.5 - Authenticated Exposure of Sensitive Information
CVE-2013-1442
Xen 4.0-4.3.x - Information Disclosure via XSAVE/XRSTOR Register Handling
CVE-2013-4112
JGroups 3.0.0-3.2.8 & 3.3.0-3.3.2 - Sensitive Info Exposure & RCE via DiagnosticsHandler
CVE-2013-5936
Open-Xchange AppSuite <7.0.2-rev15/7.2.2-rev16 - Sensitive Information Exposure via Hazelcast
CVE-2013-5935
Open-Xchange AppSuite 7.0.x < 7.0.2-rev15 and 7.2.x < 7.2.2-rev16 - Unauthorized Access via Hazelcast Cluster API
CVE-2013-4024
IBM Data Studio Web Console 3.x-3.2 - Exposure of Sensitive Information via HTTP Session Cookie Sniffing
CVE-2013-5666
FreeBSD 9.2-RC1 and 9.2-RC2 - Kernel Memory Exposure via sendfile System Call
CVE-2013-5490
Cisco Prime DCNM <6.2(1) - Info Disclosure
CVE-2013-5487
Cisco Prime DCNM <6.2(1) - Info Disclosure
CVE-2013-5150
iPhone OS < 7 - Unauthenticated Exposure of Sensitive Browsing History via Safari Tab History
Details
Vulnerabilities 10,195
Exploit Likelihood High