CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,209 vulnerabilities with CWE-200
CVE-2010-1800
CFNetwork - Sensitive Information Exposure via Anonymous SSL/TLS Connections
CVE-2010-3118
Google Chrome <5.0.375.127 - Info Disclosure
CVE-2010-2531
PHP 5.2.0-5.2.13 and 5.3.0-5.3.2 - Sensitive Information Exposure via var_export Fatal Error Handling
CVE-2010-2484
PHP 5.2 - Exposure of Sensitive Information via strrchr Function Interruption
CVE-2010-3062
PHP 5.3-5.3.2 - Exposure of Sensitive Information via Mysqlnd Length Value Handling
CVE-2010-3014
Coda filesystem kernel module - Buffer Overflow
CVE-2010-2758
Bugzilla 2.17.1-3.2.7, 3.3.1-3.4.7, 3.5.1-3.6.1, 3.7-3.7.2 - Information Exposure via Error Message Discrepancy
CVE-2010-1258
Microsoft Internet Explorer <8 - XSS
CVE-2010-2989
Nessus Web Server Plugin 1.2.4 - Exposure of Sensitive Information via /feed Method
CVE-2010-2982
Cisco UWN <7.0.98.0 - Info Disclosure
CVE-2010-2975
Cisco UWN <7.0.98.0 - Info Disclosure
CVE-2010-2791
Apache HTTP Server <2.2.9 - Info Disclosure
CVE-2010-1796
Safari < 5.0.1 - Unauthenticated Exposure of Sensitive Information via AutoFill Keystroke Events
CVE-2010-2913
Citibank Citi Mobile <2.0.3 - Info Disclosure
CVE-2010-2754
SeaMonkey < 2.0.6 - Sensitive Information Exposure via Error Handler
CVE-2010-2859
SimpNews <= 2.47.3 - Information Disclosure via Invalid Lang Parameter
CVE-2010-2659
Opera <10.50-10.60 - Info Disclosure
CVE-2010-2612
HP OpenVMS - Unauthorized Exposure of Sensitive Information via Auditing Feature
CVE-2010-1407
iPhone OS < 4 - Information Exposure via WebKit History.replaceState
CVE-2010-2336
Yamamah Photo Gallery 1.00 - Unauthenticated Source Code Disclosure via Download Parameter
CVE-2010-2333
LiteSpeed Web Server < 4.0.15 - Unauthenticated Source Code Disclosure via Null Byte and .txt Extension
CVE-2010-2326
IBM WebSphere Application Server 7.0 - Exposure of Sensitive Information via addNode.log File
CVE-2010-2323
IBM WebSphere Application Server < 7.0.0.11 - Exposure of Sensitive Information via Default Profile Creation Log
CVE-2010-2068
Apache HTTP Server 2.2.9-2.2.15, 2.3.4-alpha, 2.3.5-alpha - Sensitive Information Exposure via Proxy Worker Pool Timeout
CVE-2010-2263
nginx 0.7.52-0.7.65 and 0.8-0.8.39 on Windows - Unauthenticated Arbitrary File Read via ::$DATA URI Suffix
Details
Vulnerabilities
10,209
Exploit Likelihood
High