CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,205 vulnerabilities with CWE-200
CVE-2011-2081
MediaCAST < 8 - Unauthenticated Sensitive Information Exposure via Public Directory Traversal
CVE-2011-2076
MediaCAST < 8 - Cleartext Password Storage
CVE-2011-1788
VMware vCenter <4.0-4.1 - Info Disclosure
CVE-2011-1015
Python 2.5, 2.6, 3.0 - Unauthenticated Script Source Code Exposure via CGIHTTPServer is_cgi Method
CVE-2011-1503
Liferay Portal CE <6.0.6 - Info Disclosure
CVE-2011-1502
Liferay Portal 6.0.0-6.0.5 - Authenticated XML External Entity Injection
CVE-2011-1839
IBM Rational Build Forge 7.1.0 - Info Disclosure
CVE-2011-1725
HP Network Automation <9.10 - Info Disclosure
CVE-2011-1687
Best Practical Solutions RT <4.0.0rc - Info Disclosure
CVE-2011-1820
IBM Tivoli Directory Server <6.3.0.3 - Info Disclosure
CVE-2011-1713
Microsoft msxml.dll - Info Disclosure
CVE-2011-1712
Mozilla Firefox <3.5.19, 3.6.x <3.6.17, 4.x <4.0.1 - Info Disclosure
CVE-2011-0195
iPhone OS 4.3.x < 4.3.2 - Information Disclosure via libxslt generate-id XPath Function
CVE-2011-1531
HP Embedded Web Server - Info Disclosure
CVE-2011-1245
Microsoft Internet Explorer 6 and 7 - Unauthorized Sensitive Information Exposure via Cross-Domain Script Access
CVE-2011-1672
Dell Kace K2000 Systems Deployment Appliance < 3.3.36822 - Information Disclosure
CVE-2011-1666
Metaways Tine 2.0 - Info Disclosure
CVE-2011-1569
Douran Portal 3.9.7.8 - Info Disclosure
CVE-2011-0890
HP Discovery & Dependency Mapping Inventory 7.50-7.70, 9.30 - Unauthenticated Sensitive Information Exposure via SNMP
CVE-2011-0178
Apple Mac OS X <10.6.7 - Info Disclosure
CVE-2011-0701
WordPress < 3.0.4 - Authenticated Exposure of Sensitive Information via Modified attachment_id Parameter
CVE-2011-1418
iPhone OS < 4.2 and Apple TV < 4.2 - User Tracking via IPv6 SLAAC MAC Address Exposure
CVE-2011-1416
RIM BlackBerry Torch 9800 - Memory Corruption
CVE-2011-1202
Google Chrome < 10.0.648.127 - Exposure of Sensitive Information via XSLT generate-id Function
CVE-2011-1190
Google Chrome < 10.0.648.127 - Same Origin Policy Bypass via Web Workers Error Message Leak
Details
Vulnerabilities 10,205
Exploit Likelihood High