CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,199 vulnerabilities with CWE-200
CVE-2012-5182
Loctouch < 3.4.6 - Exposure of Sensitive Location Information via Implicit Intent Handling
CVE-2012-5180
Opera Mobile <12.1 & Opera Mini <7.5 - Info Disclosure
CVE-2012-4046
D-Link DCS-932L Firmware 1.02 - Unauthenticated Password Exposure via UDP Broadcast Packet
CVE-2012-4698
Siemens RuggedCom - Info Disclosure
CVE-2012-6325
VMware vCenter Server Appliance < 5.0 Update 2 - Authenticated Arbitrary File Read via XML Parsing
CVE-2012-5765
IBM Rational ClearQuest 7.1.2.x-7.1.2.8 and 8.0.0.x-8.0.0.4 - Exposure of Sensitive Information via SQL Error Message
CVE-2012-4846
IBM Lotus Notes <8.5.3 FP3 - Info Disclosure
CVE-2012-4976
Layton Helpbox 4.4.0 - Info Disclosure
CVE-2012-6313
Simple Gmail Login < 1.1.4 - Unauthenticated Sensitive Information Exposure via Missing Timezone Parameter
CVE-2012-5055
VMware Spring Security Username Enumeration via Login Timing
CVE-2012-6052
Wireshark 1.8.x < 1.8.4 - Sensitive Hostname Information Exposure via pcap-ng File Parsing
CVE-2012-5554
Webform CiviCRM Integration <7.x-3.2 - Info Disclosure
CVE-2012-5552
Drupal Password policy module <7.x-1.3 - Info Disclosure
CVE-2012-5544
Mandrill <7.x-1.2 - Info Disclosure
CVE-2012-5615
Oracle MySQL <5.5.38 & MariaDB <5.5.28a - Info Disclosure
CVE-2012-6049
Open Solution Quick.Cart 5.0 - Information Disclosure via Malformed Cookie
CVE-2012-0959
Remote Login Service 1.0.0 - Unauthorized Exposure of Sensitive Information via Improper Session Clearing
CVE-2012-4411
Xen 4.0-4.2 - Authenticated Sensitive Host Resource Information Exposure via QEMU Monitor
CVE-2012-0818
RESTEasy < 2.3.1 - XML External Entity Injection
CVE-2012-5473
Moodle <2.1.9, <2.2.6, <2.3.3 - Info Disclosure
CVE-2012-4208
Firefox < 17.0 - Exposure of Sensitive Information via XrayWrapper Property Filtering
CVE-2012-3354
DokuWiki - Unauthenticated Sensitive Information Exposure via Prefix Parameter
CVE-2012-5916
Neocrome Seditio build 161 - Exposure of Sensitive Information via Direct SQL File Access
CVE-2012-5915
Neocrome Seditio <= Build 161 - Information Disclosure via Direct Request
CVE-2012-5890
sr_feuser_register < 2.6.2 - Exposure of Sensitive Information via Edit Perspective or Autologin Feature
Details
Vulnerabilities
10,199
Exploit Likelihood
High