CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,205 vulnerabilities with CWE-200
CVE-2011-2774
Mahara 1.3.x-1.4.x - Authenticated Exposure of Sensitive Information via Replyto Parameter
CVE-2011-3441
iPhone OS < 5.0.1 - Information Disclosure via DNS Hostname
CVE-2011-3653
Mozilla Firefox <8.0 & Thunderbird <8.0 - SSRF
CVE-2011-3649
Mozilla Firefox <7.0 & Thunderbird <7.0 - CSRF
CVE-2011-1368
IBM WebSphere App Server <8.0.0.1 - Info Disclosure
CVE-2011-3163
HP MFP Digital Sending Software 4.9x-4.91.21 - Exposure of Sensitive Workflow-Metadata Information
CVE-2011-2059
Cisco IOS <15.1(4)M1.3 - Info Disclosure
CVE-2011-2042
Cisco CiscoWorks <4.1 - Info Disclosure
CVE-2011-3431
iPhone OS - Unauthorized Sensitive Information Exposure via Home Screen Gesture
CVE-2011-3427
Apple iOS <5 - Apple TV <4.4 - Info Disclosure
CVE-2011-3253
iPhone OS - Unprotected User Data Exposure via CalDAV SSL Certificate Validation Bypass
CVE-2011-3246
CFNetwork in iOS < 5.0.1 and Mac OS X < 10.7.2 - Unintended Cookie Transmission via Malformed URL Parsing
CVE-2011-3242
Apple Safari - Unauthorized Cookie Tracking via Private Browsing Block Cookies Setting
CVE-2011-3220
macOS X < 10.7.2 - Information Disclosure via QuickTime URL Data Handler
CVE-2011-0231
macOS < 10.7.2 - Unintended Cookie Storage Policy Bypass
CVE-2011-3975
HTC Android <2.3.4 - Info Disclosure
CVE-2011-3580
IceWarp Mail Server <10.3.3 - Info Disclosure
CVE-2011-3694
NetSaro Enterprise Messenger Server 2.0 - Info Disclosure
CVE-2011-3826
Zikula 1.2.4 - Exposure of Sensitive Information via Direct Request to PHP Files
CVE-2011-3825
Zend Framework 1.11.3 - Info Disclosure
CVE-2011-3824
Your Own URL Shortener (YOURLS) 1.5 - Info Disclosure
CVE-2011-3823
Yamamah 1.0 - Exposure of Sensitive Information via Direct PHP File Request
CVE-2011-3822
XOOPS 2.5.0 - Exposure of Sensitive Information via Direct PHP File Request
CVE-2011-3821
xajax 0.6 beta1 - Unauthenticated Sensitive Information Exposure via Direct PHP File Request
CVE-2011-3820
WSN Software 6.0.6 - Info Disclosure
Details
Vulnerabilities
10,205
Exploit Likelihood
High