CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,195 vulnerabilities with CWE-200
CVE-2012-6078 HIGH
W3 Total Cache < 0.9.2.5 - Exposure of Sensitive Information via Predictable Cache Filenames
CVSS 7.5
CVE-2012-6077 HIGH
W3 Total Cache < 0.9.2.5 - Exposure of Sensitive Information via Insecure Database Cache File Storage
CVSS 7.5
CVE-2012-0843 MEDIUM
uzbl - Unauthorized Information Exposure via World-Readable Cookies Storage File
CVSS 5.5
CVE-2012-0842 MEDIUM
surf < 0.5 - Unauthorized Cookie Jar Access via Local File Permissions
CVSS 5.5
CVE-2012-1169 MEDIUM
Moodle < 2.2.2 - Unauthorized Personal Information Exposure via Page Breadcrumbs
CVSS 5.3
CVE-2012-1161 MEDIUM
Moodle < 2.2.2 - Unauthorized Course Information Exposure via Tag Search
CVSS 4.3
CVE-2012-1159 MEDIUM
Moodle < 2.2.2 - Unauthorized Exposure of Hidden Courses via Overview Report
CVSS 4.3
CVE-2012-1158 MEDIUM
Moodle < 2.2.2 - Unauthorized Exposure of Hidden Grade Items in Gradebook Export
CVSS 4.3
CVE-2012-1155 HIGH
Moodle 1.9-1.9.16 - Unauthorized Data Exposure via Database Activity Export
CVSS 7.5
CVE-2012-0046 HIGH
MediaWiki < 1.17.2 - Unauthorized Exposure of Deleted Text
CVSS 7.5
CVE-2012-0433 LOW
crowbar <2012-10-02 - Info Disclosure
CVSS 3.3
CVE-2012-3331 MEDIUM
IBM Sametime - Unauthenticated Exposure of Sensitive Information via STLOG.NSF Direct Request
CVSS 5.3
CVE-2012-3353 HIGH
Apache Sling JCR ContentLoader < 2.1.6 - Information Disclosure via XmlReader File Import
CVSS 7.5
CVE-2012-4382 MEDIUM
MediaWiki < 1.18.5 and 1.19.x < 1.19.2 - Unauthorized User Block Metadata Exposure via Reblock Attempt
CVSS 4.9
CVE-2012-2150
xfsprogs < 3.2.3 - Exposure of Sensitive Information via xfs_metadump
CVE-2012-5508
Plone <4.2.3, <4.3 beta - Info Disclosure
CVE-2012-1111
lightdm < 1.0.9 - Unauthorized File Descriptor Exposure
CVE-2012-5505
Plone <4.2.3, <4.3 - Info Disclosure
CVE-2012-5497
Plone <4.2.3, <4.3 - Info Disclosure
CVE-2012-5492
Plone <4.2.3, <4.3 - Info Disclosure
CVE-2012-5491
z3c.form <4.2.3,4.3 - Info Disclosure
CVE-2012-1171
PHP 5.x - Unauthenticated Arbitrary File Read via libxml Custom Stream Wrapper
CVE-2012-2997
F5 BIG-IP <11.2.1 - Info Disclosure
CVE-2012-0263
op5 Monitor/Appliance <5.5.1 - Info Disclosure
CVE-2012-0425
LanItems.ycp in save_y2logs in yast2-network <2.24.4 - Info Disclosure
Details
Vulnerabilities 10,195
Exploit Likelihood High