CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,205 vulnerabilities with CWE-200
CVE-2011-0217
Apple Safari < 5.0.6 - Unauthorized Exposure of AutoFill Information via Crafted Form
CVE-2011-1356
IBM WebSphere Application Server <6.1.0.39, 7.0.0.19 - Info Disclosure
CVE-2011-2759
IBM Tivoli Directory Server < 6.2.0.3-TIV-ITDS-IF0004 - Exposure of Sensitive Information via Login Page Autocomplete
CVE-2011-1498
Apache HttpClient <4.1.1 - Info Disclosure
CVE-2011-2536
Asterisk <1.4.41.2, <1.6.2.18.2, <1.8.4.4, <C.3.7.3 - Unauthenticated User Enumeration via SIP
CVE-2011-2599
Google Chrome 11 - Exposure of Sensitive Information via WebGL Timing Attack
CVE-2011-2598
Firefox 4.x - Unauthorized Sensitive Information Exposure via WebGL and SVG Filter
CVE-2011-2204
Apache Tomcat <5.5.34,6.0.33,7.0.17 - Info Disclosure
CVE-2011-0197
Apple Mac OS X <10.6.8 - Info Disclosure
CVE-2011-1173
Linux Kernel < 2.6.39 - Information Disclosure via Uninitialized AUN Packet Data
CVE-2011-1172
Linux Kernel < 2.6.39 - Information Disclosure via IPv6 Netfilter String Handling
CVE-2011-1171
Linux Kernel < 2.6.39 - Information Disclosure via IPv4 Netfilter String Handling
CVE-2011-1170
Linux Kernel < 2.6.39 - Information Exposure via arp_tables String Handling
CVE-2011-1131
Simplemachines Smf < 1.1.12 - Information Disclosure
CVE-2011-1280
Microsoft InfoPath 2007 SP2 and 2010 - XML External Entity Injection via .disco File
CVE-2011-1246
Microsoft Internet Explorer 8 - Unauthorized Information Exposure via MIME Sniffing
CVE-2011-1810
Google Chrome <12.0.742.91 - Info Disclosure
CVE-2011-2146
VMware Workstation, Player, Fusion, ESX, ESXi - Unauthorized File and Directory Existence Disclosure via HGFS
CVE-2011-1647
Cisco RVS4000/WRVS4400N <2.0.2.1 - Info Disclosure
CVE-2011-2156
SmarterStats 6.0 - Unauthenticated Directory Listing Exposure via Direct Request
CVE-2011-2154
SmarterStats 6.0 - Exposure of Sensitive Information via Missing HTTPOnly Flag in login.aspx
CVE-2011-2153
SmarterStats 6.0 - Credential Exposure via Login.aspx Query String Parameters
CVE-2011-2152
SmarterStats 6.0 - Exposure of Sensitive Information via Referer Log Leakage
CVE-2011-0579
Adobe Flash Player < 10.3.181.14 - Exposure of Sensitive Information
CVE-2011-2088
Apache Struts 2.2.1 - Info Disclosure
Details
Vulnerabilities
10,205
Exploit Likelihood
High