CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,205 vulnerabilities with CWE-200
CVE-2011-2081
MediaCAST < 8 - Unauthenticated Sensitive Information Exposure via Public Directory Traversal
CVE-2011-2076
MediaCAST < 8 - Cleartext Password Storage
CVE-2011-1788
VMware vCenter <4.0-4.1 - Info Disclosure
CVE-2011-1015
Python 2.5, 2.6, 3.0 - Unauthenticated Script Source Code Exposure via CGIHTTPServer is_cgi Method
CVE-2011-1503
Liferay Portal CE <6.0.6 - Info Disclosure
CVE-2011-1502
Liferay Portal 6.0.0-6.0.5 - Authenticated XML External Entity Injection
CVE-2011-1839
IBM Rational Build Forge 7.1.0 - Info Disclosure
CVE-2011-1725
HP Network Automation <9.10 - Info Disclosure
CVE-2011-1687
Best Practical Solutions RT <4.0.0rc - Info Disclosure
CVE-2011-1820
IBM Tivoli Directory Server <6.3.0.3 - Info Disclosure
CVE-2011-1713
Microsoft msxml.dll - Info Disclosure
CVE-2011-1712
Mozilla Firefox <3.5.19, 3.6.x <3.6.17, 4.x <4.0.1 - Info Disclosure
CVE-2011-0195
iPhone OS 4.3.x < 4.3.2 - Information Disclosure via libxslt generate-id XPath Function
CVE-2011-1531
HP Embedded Web Server - Info Disclosure
CVE-2011-1245
Microsoft Internet Explorer 6 and 7 - Unauthorized Sensitive Information Exposure via Cross-Domain Script Access
CVE-2011-1672
Dell Kace K2000 Systems Deployment Appliance < 3.3.36822 - Information Disclosure
CVE-2011-1666
Metaways Tine 2.0 - Info Disclosure
CVE-2011-1569
Douran Portal 3.9.7.8 - Info Disclosure
CVE-2011-0890
HP Discovery & Dependency Mapping Inventory 7.50-7.70, 9.30 - Unauthenticated Sensitive Information Exposure via SNMP
CVE-2011-0178
Apple Mac OS X <10.6.7 - Info Disclosure
CVE-2011-0701
WordPress < 3.0.4 - Authenticated Exposure of Sensitive Information via Modified attachment_id Parameter
CVE-2011-1418
iPhone OS < 4.2 and Apple TV < 4.2 - User Tracking via IPv6 SLAAC MAC Address Exposure
CVE-2011-1416
RIM BlackBerry Torch 9800 - Memory Corruption
CVE-2011-1202
Google Chrome < 10.0.648.127 - Exposure of Sensitive Information via XSLT generate-id Function
CVE-2011-1190
Google Chrome < 10.0.648.127 - Same Origin Policy Bypass via Web Workers Error Message Leak
Details
Vulnerabilities
10,205
Exploit Likelihood
High