CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,205 vulnerabilities with CWE-200
CVE-2010-5188
SilverStripe 2.3.x <2.3.6 - Info Disclosure
CVE-2010-5187
SilverStripe <2.3.8-2.4.1 - Info Disclosure
CVE-2010-5104
TYPO3 <4.2.16-4.4.5 - Info Disclosure
CVE-2010-4563
Linux Kernel - Unauthenticated IPv6 Network Sniffing Detection via ICMPv6 Echo Request
CVE-2010-4562
Microsoft Windows - Unauthorized Network Sniffing Detection via ICMPv6 Echo Request
CVE-2010-5069
Google Chrome 4 - Information Exposure via CSS :visited Pseudo-Class
CVE-2010-5068
Opera 10.5 - Exposure of Sensitive Information via CSS :visited Pseudo-Class
CVE-2010-4804
Android < 2.3.4 - Unauthorized SD Card Data Exposure via Crafted Content URIs
CVE-2010-2787
MediaWiki <1.15.5 - Info Disclosure
CVE-2010-4781
Enano CMS <1.1.8-1.1.7pl2 - Info Disclosure
CVE-2010-4760
OTRS <3.0.0-beta6 - Info Disclosure
CVE-2010-0214
PolyVision RoomWizard Firmware 3.2.3 - Exposure of Active Directory Credentials in Admin Interface
CVE-2010-4525
Linux kernel 2.6.33 and 2.6.34.y - Information Exposure via Uninitialized kvm_vcpu_events Structure
CVE-2010-4225
Mono mod_mono < 2.8.2 - Source Code Disclosure via ASP.NET Application Unloading Bug
CVE-2010-4349
MantisBT < 1.2.4 - Information Disclosure via Invalid db_type Parameter
CVE-2010-3875
Linux Kernel < 2.6.37 - Information Exposure via Uninitialized ax25_getname Structure
CVE-2010-4625
MyBB < 1.4.12 - Unauthenticated Exposure of Sensitive Information via Latest Threads Block
CVE-2010-4158
Linux Kernel < 2.6.36.2 - Information Disclosure via Uninitialized Stack Memory in Socket Filter
CVE-2010-4611
html-edit CMS 3.1.8 - Exposure of Sensitive Information via Direct Request to Core Files
CVE-2010-4608
Habari 0.6.5 - Unauthenticated Sensitive Information Exposure via Direct Request
CVE-2010-4600
Dojo Toolkit - Exposure of Sensitive Information via Cookie Access
CVE-2010-4565
Linux Kernel < 2.6.36 - Exposure of Sensitive Information via CAN Broadcast Manager Filename
CVE-2010-3881
Linux Kernel < 2.6.36.2 - Uninitialized Memory Exposure via /dev/kvm Read Operations
CVE-2010-4112
HP Insight Management Agents < 8.6 - Unauthenticated Sensitive Information Exposure via Path Disclosure
CVE-2010-4580
Opera < 11.00 - Exposure of Sensitive Information via WAP WML Form Fields
Details
Vulnerabilities 10,205
Exploit Likelihood High