CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,199 vulnerabilities with CWE-200
CVE-2012-3094
Cisco AnyConnect <3.1.00495 - Info Disclosure
CVE-2012-4013
Cybozu KUNAI Browser for Remote Service - Exposure of Sensitive Information via WebView JavaScript Execution
CVE-2012-4909
Google Chrome <18.0.1025308 - Info Disclosure
CVE-2012-2185
IBM Maximo Asset Management 6.2-7.5 - Authenticated Exposure of Sensitive Information
CVE-2012-1579
MediaWiki 1.17.x < 1.17.3 and 1.18.x < 1.18.2 - Exposure of Sensitive Information via Resource Loader
CVE-2012-4012
Cybozu KUNAI < 2.0.5 - Exposure of Sensitive Information via WebView JavaScript Execution
CVE-2012-0837
Joomla! <1.7.5, <2.5.1 - Info Disclosure
CVE-2012-4390
owncloud < 4.0.7 - Authenticated User Enumeration via Calendar and Contacts Remote Endpoints
CVE-2012-3529
TYPO3 4.5.0-4.5.18, 4.6.0-4.6.11, 4.7.0-4.7.3 - Authenticated Encryption Key Exposure
CVE-2012-1614
Coppermine Photo Gallery < 1.5.20 - Exposure of Sensitive Information via Error Message
CVE-2012-1607
TYPO3 4.4.0-4.4.13 4.5.0-4.5.13 4.6.0-4.6.6 4.7 6.0 - Unauthenticated Database Name Exposure via CLI Script
CVE-2012-3976
Firefox < 15.0 and SeaMonkey < 2.12 - Certificate Spoofing via onLocationChange Event
CVE-2012-3975
Firefox < 15.0 - Information Exposure via DOMParser Subresource Loading
CVE-2012-3972
Mozilla Firefox < 15.0 - Exposure of Sensitive Information via XSLT format-number
CVE-2012-3581
Symantec Messaging Gateway < 9.5.4 - Exposure of Sensitive Information via Component Version Disclosure
CVE-2012-1645
CDN module 6.x-2.2 and 7.x-2.2 for Drupal - Unauthenticated Arbitrary File Read via Origin Pull Mode
CVE-2012-3419
Performance Co-Pilot < 3.6.5 - Unauthorized Sensitive Information Exposure via /proc Export
CVE-2012-1586
cifs-utils - Exposure of Sensitive Information via Error Message
CVE-2012-4674
PluXml < 5.1.6 - Unauthenticated Installation Path Exposure via PHPSESSID
CVE-2012-3519
Tor < 0.2.2.37 - Timing Side-Channel Information Disclosure in Relay Selection
CVE-2012-4605
Websense Email Security 6.1-7.3 - Info Disclosure
CVE-2012-3502
Apache HTTP Server < 2.4.3 - Exposure of Sensitive Information via Proxy Connection Reuse
CVE-2012-4591
McAfee Enterprise Mobility Manager < 10.0 - Unauthenticated Sensitive Information Exposure via About.aspx
CVE-2012-4583
McAfee EWS <5.5.6 & MEG <7.0.1 - Info Disclosure
CVE-2012-4168
Adobe Flash Player <10.3.183.23/11.x<11.4.402.265 Sensitive Info Exposure via Cross-Domain Access
Details
Vulnerabilities
10,199
Exploit Likelihood
High