CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,204 vulnerabilities with CWE-200
CVE-2012-4605
Websense Email Security 6.1-7.3 - Info Disclosure
CVE-2012-3502
Apache HTTP Server < 2.4.3 - Exposure of Sensitive Information via Proxy Connection Reuse
CVE-2012-4591
McAfee Enterprise Mobility Manager < 10.0 - Unauthenticated Sensitive Information Exposure via About.aspx
CVE-2012-4583
McAfee EWS <5.5.6 & MEG <7.0.1 - Info Disclosure
CVE-2012-4168
Adobe Flash Player <10.3.183.23/11.x<11.4.402.265 Sensitive Info Exposure via Cross-Domain Access
CVE-2012-4219
phpMyAdmin 3.5.x < 3.5.2.1 - Unauthenticated Sensitive Information Exposure via Direct Request to show_config_errors.php
CVE-2012-2387
devotee 0.1 patch 2 - Exposure of Sensitive Information via Weak Random Number Generation
CVE-2012-4007
mixi < 4.2.9 - Unauthorized Exposure of Sensitive Information via SD Card Storage
CVE-2012-4006
gree - Exposure of Sensitive Information via WebView Implementation
CVE-2012-2168
IBM Rational ClearQuest 7.1.x-7.1.2.6 & 8.x-8.0.0.2 - Sensitive Info Exposure via Invalid Parameter
CVE-2012-2165
IBM Rational ClearQuest 7.1.x < 7.1.2.7 and 8.x < 8.0.0.3 - Authenticated Password Hash Exposure via User Query
CVE-2012-0744
IBM Rational ClearQuest <7.1.2.7 & 8.0.0.3 - Info Disclosure
CVE-2012-3249
HP Fortify Software Security Center <3.6 - Info Disclosure
CVE-2012-3248
HP Fortify Software Security Center <3.6 - Info Disclosure
CVE-2012-4332
ShareYourCart 1.7.1 - Information Exposure via SDK Path Disclosure
CVE-2012-4257
George Karpouzas Yet Another Question... - Information Disclosure
CVE-2012-4256
jNews (com_jnews) 7.5.1 - Exposure of Sensitive Information via Emailsearch Parameter
CVE-2012-4255
MySQLDumper 1.24.4 - Exposure of Sensitive Information via Direct Request to refresh_dblist.php
CVE-2012-4254
mysqldumper 1.24.4 - Exposure of Sensitive Information via Direct Request to Restore or Dump Script
CVE-2012-2327
MyBB < 1.6.7 - Unauthenticated Sensitive Information Exposure via Malformed Forumread Cookie
CVE-2012-3474
Ushahidi Platform < 2.5 - Unauthenticated Exposure of Sensitive Information via Comments API
CVE-2012-4235
RSGallery2 (com_rsgallery2) < 3.2.0 - Unauthenticated Directory Listing via Missing index.html
CVE-2012-0421
SUSE Audit Log Keeper <0.2.1-0.4.6.1 - Info Disclosure
CVE-2012-4005
NHN Japan NAVER LINE < 2.5 - Exposure of Sensitive Message Information via Implicit Intent Handling
CVE-2012-1361
Cisco IOS 15.1-15.2 - Exposure of Sensitive Information via Multicast Music-on-Hold Feature
Details
Vulnerabilities
10,204
Exploit Likelihood
High