CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,205 vulnerabilities with CWE-200
CVE-2011-3502
Cogent DataHub <7.1.1.63 - Info Disclosure
CVE-2011-3497
Measuresoft ScadaPro < 4.0.0 - Remote Code Execution via XF Function
CVE-2011-1892
Microsoft SharePoint and Office Products - XML External Entity Injection in Web Parts
CVE-2011-3388
Opera < 11.51 - Unauthenticated Exposure of Sensitive Information via Extended Validation Spoofing
CVE-2011-1643
Cisco Unified Communications Manager Database Data Exposure via SSL Query Interface
CVE-2011-2737
RSA enVision < 4 SP4 P3 - Unauthenticated Arbitrary File Read
CVE-2011-3265
Zabbix < 1.8.7 - Unauthenticated Exposure of Sensitive Information via popup.php srctbl Parameter
CVE-2011-3264
Zabbix < 1.8.6 - Unauthenticated Sensitive Information Exposure via Invalid srcfld2 Parameter
CVE-2011-2986
Mozilla Firefox 4.x-5 and Thunderbird < 6 - Unauthorized Sensitive Image Data Exposure via Canvas
CVE-2011-2983
Firefox < 3.6.20 - Same Origin Policy Bypass via RegExp.input Use-After-Free
CVE-2011-3011
CA ARCserve D2D r15 - Exposure of Sensitive Information via Session Handling
CVE-2011-3128
WordPress 3.1-3.1.2 and 3.2 Beta 1 - Unauthorized Sensitive Data Exposure via Unattached Attachments
CVE-2011-3126
WordPress 3.1-3.1.2 and 3.2 Beta 1 - Username Enumeration via Canonical Redirects
CVE-2011-1978
Microsoft .NET Framework <4 - Info Disclosure
CVE-2011-1977
Microsoft .NET Framework 4-3.5 SP1 - Info Disclosure
CVE-2011-2380
Bugzilla Multiple Versions - Private Group Name Exposure via Bug Creation or Editing
CVE-2011-2720
GLPI < 0.80.2 - Exposure of Sensitive Information via Autocompletion
CVE-2011-2800
Google Chrome < 13.0.782.107 - Exposure of Sensitive Information via Client-Side Redirect
CVE-2011-2784
Google Chrome < 13.0.782.107 - Exposure of Sensitive Information via GL Program Log
CVE-2011-2492
Linux Kernel < 3.0 - Information Disclosure via Bluetooth getsockopt System Call
CVE-2011-2891
Joomla! 1.6.x < 1.6.2 - Information Disclosure via Empty Itemid Parameter
CVE-2011-2890
Joomla! < 1.5.23 - Information Disclosure via MediaViewMedia Base Variable
CVE-2011-2889
Joomla! < 1.5.23 - Information Disclosure via Error Page Path Exposure
CVE-2011-2488
Joomla! < 1.5.23 - Information Disclosure
CVE-2011-0244
Safari < 5.0.6 - Unauthenticated Arbitrary File Read via RSS Feed URL Canonicalization
Details
Vulnerabilities
10,205
Exploit Likelihood
High