CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,195 vulnerabilities with CWE-200
CVE-2013-1665
OpenStack Folsom and Keystone Essex - XML External Entity Injection
CVE-2013-2744
BackupBuddy <2.2.25 - Info Disclosure
CVE-2013-2264
Asterisk Open Source <1.8.20.2, <10.12.2, <11.2.2 - Unauthenticated User Enumeration via SIP
CVE-2013-0474
IBM Security Appscan - Information Disclosure
CVE-2013-1835
Moodle 2.0.0-2.1.10, 2.2.0-2.2.7, 2.3.0-2.3.4, 2.4.0-2.4.1 - Sensitive Information Exposure via Login-As
CVE-2013-1832
Moodle 2.0.0-2.4.1 - Authenticated Sensitive Information Exposure via WebDAV
CVE-2013-1831
Moodle <= 2.1.10, 2.2.x < 2.2.8, 2.3.x < 2.3.5, 2.4.x < 2.4.2 - Sensitive Information Exposure
CVE-2013-1829
Moodle 2.4.x - Authenticated Exposure of Sensitive Information via Calendar Subscription Display
CVE-2013-1840
OpenStack Glance Essex/Folsom/Grizzly - Sensitive Information Exposure via v1 API
CVE-2013-0677
Siemens WinCC <7.2 - Info Disclosure/DoS
CVE-2013-0978
Apple iOS <6.1.3 & Apple TV <5.2.1 - Privilege Escalation
CVE-2013-0505
IBM Sterling Order Management <9.2.0 - XPath Injection
CVE-2013-2371
TIBCO Spotfire Statistics Services 3.3.x-4.5.x, 5.0.x - Exposure of Sensitive Information via Web API
CVE-2013-1814
Apache Rave 0.11-0.20 - Authenticated Sensitive Information Exposure via User RPC API
CVE-2013-0095
Microsoft Office for Mac 2008 < 12.3.6 and 2011 < 14.3.2 - Unintended Content Loading via HTML5 Elements
CVE-2013-2273
Bitcoin-Qt < 0.4.8 - Exposure of Sensitive Information via Predictable Transaction Outputs
CVE-2013-2272
Bitcoin-Qt < 0.4.8 - Unauthorized Wallet Address and IP Association via Penny-Flooding Bypass
CVE-2013-1643
PHP < 5.3.23 and 5.4.x < 5.4.13 - XML External Entity Injection via SOAP WSDL Parser
CVE-2013-1140
Cisco Security Monitoring, Analysis, and Response System - XML External Entity Injection via XML Parser
CVE-2013-0909
Google Chrome < 25.0.1364.152 - Unauthorized Sensitive Information Exposure via XSS Auditor
CVE-2013-0349
Linux Kernel < 3.7.6 - Information Disclosure via HIDPCONNADD ioctl
CVE-2013-0212
OpenStack Glance 2012.1-2012.2.2 - Authenticated Sensitive Information Exposure via Swift Endpoint Error Messages
CVE-2013-0786
Bugzilla <3.6.13-4.0.10 - Info Disclosure
CVE-2013-0160
Linux Kernel <= 3.7.9 - Sensitive Keystroke Timing Exposure via inotify on /dev/ptmx
CVE-2013-0704
gree < 1.3.2 - Exposure of Sensitive Information via Directory Traversal
Details
Vulnerabilities
10,195
Exploit Likelihood
High