CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,195 vulnerabilities with CWE-200
CVE-2013-5142
iPhone OS < 7 - Uninitialized Kernel Memory Exposure via msgctl or segctl API
CVE-2013-1729
Firefox < 24.0 - Unauthorized Desktop Screenshot Data Exposure via WebGL Canvas Read
CVE-2013-4766
Eucalyptus <3.3.1 - Info Disclosure
CVE-2013-4183
OpenStack Cinder 2013.1.1-2013.1.2 - Exposure of Sensitive Information via LVMVolumeDriver Snapshot Deletion
CVE-2013-1030
Apple Mac OS X <10.8.5 - Info Disclosure
CVE-2013-3160
Microsoft Office 2003 SP3 and 2007 SP3 - XML External Entity Injection
CVE-2013-3137
Microsoft FrontPage 2003 SP3 - Info Disclosure
CVE-2013-3469
Cisco Mobility Services Engine - Unauthenticated Sensitive Information Exposure via Oracle SSL Service Misconfiguration
CVE-2013-5209
FreeBSD 8.3-9.2-PRERELEASE - Information Exposure via SCTP INIT-ACK Chunks
CVE-2013-4272
BOTCHA Spam Prevention Module < 7.x-1.6, 7.x-2.1, 7.x-3.3 - Sensitive Information Exposure
CVE-2013-2076
Xen 4.0.x-4.2.x - Information Disclosure via x87 Register Handling
CVE-2013-4039
IBM WebSphere Extended Deployment Compute Grid < 8.0.0.3 - Authenticated Sensitive Information Exposure
CVE-2013-3597
SearchBlox < 7.5 - Exposure of Sensitive Information via CollectionListServlet
CVE-2013-2976
IBM WebSphere Application Server <8.5.5.0 - Info Disclosure
CVE-2013-4961
Puppet Enterprise <3.0.1 - Info Disclosure
CVE-2013-4959
Puppet Enterprise <3.0.1 - Info Disclosure
CVE-2013-4242
Canonical Ubuntu Linux < 1.4.13 - Information Disclosure
CVE-2013-4208
PuTTY < 0.63 - Unauthorized Sensitive Information Exposure via RSA Key Memory Handling
CVE-2013-3319
SAP Netweaver 7.03 - Info Disclosure
CVE-2013-4698
Cybozu Mailwise <5.0.5 - Info Disclosure
CVE-2013-3040
IBM InfoSphere Information Server - Info Disclosure
CVE-2013-3185
Microsoft AD FS <2.1 - Info Disclosure
CVE-2013-4678
Symantec Backup Exec <2010 R3 SP3, <2012 SP2 - Info Disclosure
CVE-2013-3442
Cisco Unified Communications Manager - Authenticated Sensitive Information Exposure via Stack Exception
CVE-2013-4165
Bitcoin Core 0.8.1 - Timing Side-Channel Information Disclosure via HTTP Authorization
Details
Vulnerabilities
10,195
Exploit Likelihood
High