CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,204 vulnerabilities with CWE-200
CVE-2012-0130
HP Onboard Administrator < 3.50 - Exposure of Sensitive Information
CVE-2012-1670
PHP Grade Book < 1.9.5 BETA - Unauthenticated Database Exposure via SaveSQL Action
CVE-2012-1926
Opera < 11.62 - Same Origin Policy Bypass via history.pushState and history.replaceState
CVE-2012-1920
AtMail Open-Source < 1.04 - Unauthenticated Sensitive Information Exposure via info.php
CVE-2012-1837
IBM Tivoli Endpoint Manager < 8.2 - Information Exposure via Missing HTTPOnly Cookie Flag
CVE-2012-0328
Janetter <3.3.0.0 - Info Disclosure
CVE-2012-1466
NetMechanica NetDecision < 4.5.1 - Unauthenticated Source Code Exposure via Invalid Version Number
CVE-2012-1464
NetMechanica NetDecision < 4.5.1 - Information Disclosure via Trailing Question Mark
CVE-2012-1786
Video Embed & Thumbnail Generator < 2.0 - Unauthenticated Installation Path Exposure
CVE-2012-1513
VMware vCenter Orchestrator 4.0-4.2 - Authenticated Exposure of Sensitive Information via Web Configuration Tool
CVE-2012-0456
Mozilla Firefox <4.11 - Info Disclosure
CVE-2012-0690
TIBCO Spotfire <10.1.2-4.0.2 - Info Disclosure
CVE-2012-0689
TIBCO ActiveMatrix Platform - Info Disclosure
CVE-2012-0687
TIBCO ActiveMatrix Runtime Platform and ActiveMatrix Platform - Exposure of Sensitive Information via Crafted URL
CVE-2012-0647
Safari < 5.1.4 - Unauthenticated Credential Exposure via Redirect and HTTP Authentication
CVE-2012-0640
Safari < 5.1.4 - Unauthorized Cookie Tracking via WebKit Cookie Blocking Bypass
CVE-2012-0316
Cookpad android_activities < 1.5.16 and android_mykitchen < 1.1.1 - Exposure of Sensitive Information via WebView
CVE-2012-0236
Advantech WebAccess < 6.0 - Unauthenticated Sensitive Information Exposure via Direct URL Request
CVE-2012-1223
RabidHamster R2/Extreme < 1.65 - Exposure of Sensitive Information via Brute Force PIN Attack
CVE-2012-0010
Microsoft Internet Explorer 6-9 - Unauthorized Information Exposure via Copy-and-Paste Operations
CVE-2012-0447
Mozilla Firefox <10 - Info Disclosure
CVE-2012-0817
Samba 3.6.x - Denial of Service via Connection Request Memory Leak
CVE-2011-4916
MEDIUM
Linux Kernel <= 3.1 - Unauthorized Keystroke Information Exposure via /dev/pts/ and /dev/tty*
CVSS 5.5
CVE-2011-4917
MEDIUM
Linux Kernel < 3.1 - Information Disclosure via /proc/stat
CVSS 5.5
CVE-2011-2863
MEDIUM
Google Chrome < 14.0.0.0 - Exposure of Sensitive Information via V8 Policy Enforcement
CVSS 6.5
Details
Vulnerabilities
10,204
Exploit Likelihood
High