CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,205 vulnerabilities with CWE-200
CVE-2011-3452
Apple Mac OS X <10.7.3 - Info Disclosure
CVE-2011-3447
CFNetwork <10.7.3 - Info Disclosure
CVE-2011-3670
Firefox < 3.6.26 and 4.x-6.0 - Information Exposure via IPv6 Literal Address Syntax
CVE-2011-4898
WordPress < 3.3.1 - Unauthenticated Sensitive Information Exposure via Installation Error Messages
CVE-2011-5067
Support Incident Tracker 3.65 - Authenticated Sensitive Information Exposure via move_uploaded_file.php
CVE-2011-3829
Support Incident Tracker 3.65 - Authenticated Sensitive Information Exposure via FTP Upload Filename
CVE-2011-1162
Linux Kernel 2.6 - Exposure of Sensitive Information via TPM Command Memory Leak
CVE-2011-4143
EMC RSA enVision <4.1 - Info Disclosure
CVE-2011-4276
Android 2.3-2.3.5 - Unauthenticated Contact Data Exposure via Bluetooth AT Phonebook Transfer
CVE-2011-4866
kaixin001 1.3.1 and 1.3.3 - Unprotected User Data Exposure
CVE-2011-4699
Ubermedia Twidroyd Legacy 4.3.11 - Unauthorized Data Access and Modification
CVE-2011-4698
Easy Filter 1.1 and 1.2 - Unauthorized Data Access via Crafted Application
CVE-2011-4697
Xiaomi MiTalk Messenger < 2.1.320 - Unauthorized Data Access and Modification
CVE-2011-3375
Apache Tomcat <7.0.22 - Info Disclosure
CVE-2011-5066
IBM WebSphere Application Server 6.1 - Sensitive Information Exposure via SibRaRecoverableSiXaResource FFDC Log
CVE-2011-4785
HP-ChaiSOE - Directory Traversal and Exposure of Sensitive Information
CVE-2011-4360
MediaWiki <1.17.1 - Info Disclosure
CVE-2011-4897
Tor < 0.2.2.25-alpha - Exposure of Sensitive Information via Relay Nickname
CVE-2011-4896
Tor < 0.2.2.24-alpha - Unauthorized Sensitive Information Exposure via Bridge Configuration
CVE-2011-4895
Tor < 0.2.2.34 - Bridge Enumeration via Circuit Building Observation
CVE-2011-4894
Tor < 0.2.2.34 - Bridge Enumeration via DirPort Connection Observation
CVE-2011-2769
Tor < 0.2.2.34 - Bridge Enumeration via CREATE/FAST Command Field
CVE-2011-3663
Mozilla Firefox <9 - Info Disclosure
CVE-2011-4853
Parallels Plesk Panel 10.4.4_build20111103.18 - Exposure of Sensitive Information via RFC 1918 IP Address Disclosure
CVE-2011-4852
Parallels Plesk Panel 10.4.4_build20111103.18 - Exposure of Sensitive Information via Cross-Domain Referer Leakage
Details
Vulnerabilities 10,205
Exploit Likelihood High