CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,205 vulnerabilities with CWE-200
CVE-2011-1187
Google Chrome < 10.0.648.127 - Same Origin Policy Bypass via Error Message Leak
CVE-2011-1310
IBM WebSphere Application Server 6.1.0.x-6.1.0.34 and 7.x-7.0.0.14 - Sensitive Information Exposure
CVE-2011-1074
FreeBSD - Local Directory Existence Disclosure via crontab Command-Line Argument
CVE-2011-0711
Linux Kernel < 2.6.38 - Information Disclosure via xfs_fs_geometry FSGEOMETRY_V1 Ioctl
CVE-2011-1020
Linux Kernel < 2.6.37 - Unauthorized Information Exposure via Proc Filesystem
CVE-2011-1103
F-Secure Policy Manager 7.x, 8.00-8.1x, 9.00 - Information Exposure via Invalid Report Request
CVE-2011-0376
Cisco TelePresence System Software 1.2.x-1.6.1 - Unauthenticated Sensitive Information Exposure
CVE-2011-0710
Linux Kernel < 2.6.38 - Unauthorized Sensitive Information Exposure via /proc Status File
CVE-2011-0031
Microsoft Windows Server 2008 R2 & Windows 7 - Info Disclosure
CVE-2011-0776
Google Chrome < 9.0.597.84 - Exposure of Sensitive Information via Sandbox stat System Call
CVE-2011-0775
PivotX 2.2.2 - Information Exposure via Image Parameter Error Message
CVE-2011-0774
PivotX - Exposure of Sensitive Information via Direct Request to includes/ping.php and includes/spamping.php
CVE-2011-0737
MEDIUM
Adobe ColdFusion < 9.0.1 - Information Disclosure via .cfm File Error Message
CVSS 5.3
CVE-2011-0736
MEDIUM
Adobe ColdFusion < 9.0.1 - Unauthenticated Exposure of Sensitive Database Information via .cfm Query
CVSS 5.3
CVE-2011-0679
IBM WebSphere Portal 6.0.1.1-7.0.0.0 - Exposure of Sensitive Information via Modified Message
CVE-2011-0636
NVIDIA CUDA Toolkit - Uninitialized Memory Exposure via Pinned Memory Allocation
CVE-2010-1432
HIGH
Joomla! Core <1.5.16 - Info Disclosure
CVSS 7.5
CVE-2010-3917
MEDIUM
Google Chrome < 3.0 - Information Exposure via XML Document Handling
CVSS 6.5
CVE-2010-2450
HIGH
Shibboleth Service Provider - Exposure of Sensitive Information via Insecure Key File Permissions
CVSS 7.5
CVE-2010-3673
MEDIUM
TYPO3 < 4.2.13 - Information Disclosure in HTML Mailing API
CVSS 5.3
CVE-2010-3664
MEDIUM
TYPO3 < 4.1.14, 4.2.x < 4.2.13, 4.3.x < 4.3.4, 4.4.x < 4.4.1 - Information Disclosure in Backend
CVSS 6.5
CVE-2010-2783
CRITICAL
IcedTea6 < 1.7.4 - Unauthenticated Arbitrary File Read and Write via Extended JNLP Services
CVSS 9.1
CVE-2010-3845
CRITICAL
libapache-authenhook-perl - Plaintext Credential Exposure in Error Log
CVSS 9.8
CVE-2010-5292
Amberdms Billing System <1.4.1 - Info Disclosure
CVE-2010-4822
SilverStripe <2.4.4 - Info Disclosure
Details
Vulnerabilities
10,205
Exploit Likelihood
High