CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,204 vulnerabilities with CWE-200
CVE-2011-4327 MEDIUM
OpenSSH <5.8p2 - Local Info Disclosure
CVSS 5.5
CVE-2011-3201
Oracle Solaris < 3.0.3 - Information Disclosure
CVE-2011-1350
Android < 2.3.6 - Information Exposure via PowerVR SGX Driver Request
CVE-2011-5245
RESTEasy < 2.3.2 - XML External Entity Injection via JAXB Input
CVE-2011-4129
libsocialweb <0.25.20 - Info Disclosure
CVE-2011-5126
Bluecoat Sgos - Information Disclosure
CVE-2011-4922
Pidgin < 2.7.10 - Sensitive Information Exposure via Encryption-Key Data Retention
CVE-2011-4593
Moodle 1.9.x < 1.9.15, 2.0.x < 2.0.6, 2.1.x < 2.1.3 - Authenticated Email Address Exposure via Messaging Interface
CVE-2011-4581
Moodle 2.0.x-2.0.6 and 2.1.x-2.1.3 - Authenticated Exposure of Sensitive Information via Wiki History Interface
CVE-2011-4284
Moodle 2.0.x <2.0.2 - Info Disclosure
CVE-2011-4283
Moodle <1.9.11-2.0.2 - Info Disclosure
CVE-2011-4279
Moodle 2.0.x <2.0.2 - Info Disclosure
CVE-2011-4304
Moodle <2.0.5, <2.1.2 - Info Disclosure
CVE-2011-1160
Linux Kernel < 2.6.39 - Uninitialized Buffer Information Disclosure in TPM Driver
CVE-2011-1078
Linux Kernel < 2.6.39 - Information Disclosure via SCO_CONNINFO Option
CVE-2011-2494
Linux Kernel < 3.1 - Unauthorized Sensitive I/O Statistics Exposure via Taskstats Netlink Commands
CVE-2011-2084
Best Practical Solutions RT <3.8.12, <4.0.6 - Info Disclosure
CVE-2011-2898 MEDIUM
Linux Kernel < 2.6.39.3 - Unauthorized Information Exposure via VLAN Tag Control Information
CVSS 5.5
CVE-2011-2707 MEDIUM
Linux Kernel < 3.1 - Unauthorized Kernel Memory Exposure via PTRACE_SETXTREGS Request
CVSS 6.0
CVE-2011-4232
Cisco Unified MeetingPlace <8.5 - Info Disclosure
CVE-2011-4014
Cisco Wireless Control System 7.0 - Authenticated Arbitrary File Read via TAC Case Attachment Tool
CVE-2011-3309
Cisco Adaptive Security Appliance Software 8.2-8.4 - Exposure of Sensitive Information via IKE Responder Traffic
CVE-2011-4817
IBM Maximo Asset Management 6.2, 7.1, 7.5 - Authenticated Exposure of Sensitive Information via Help Menu
CVE-2011-4872
HTC Android Devices - Unauthorized 802.1X Wi-Fi Credential Exposure via WifiConfiguration toString
CVE-2011-3452
Apple Mac OS X <10.7.3 - Info Disclosure
Details
Vulnerabilities 10,204
Exploit Likelihood High