CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,209 vulnerabilities with CWE-200
CVE-2010-2264
Safari < 5.0 - Information Exposure via CSS :visited Pseudo-Class
CVE-2010-1406
Apple Safari < 5.0 - Sensitive Information Exposure via Referer Header
CVE-2010-1393
Safari < 5.0 - Sensitive URL Exposure via CSS HREF Redirect
CVE-2010-1388
Safari < 5.0 - Unauthenticated Exposure of Sensitive Information via Clipboard Drag and Paste Operations
CVE-2010-1384
Apple Safari < 5.0 - Unauthenticated Exposure of Sensitive Information via URL Credential Display
CVE-2010-2190
PHP 5.2-5.2.13 and 5.3-5.3.2 - Memory Contents Exposure via Interruption of trim/ltrim/rtrim/substr_replace Functions
CVE-2010-1636
Linux Kernel 2.6.29-2.6.32 - Unauthorized Sensitive Information Exposure via btrfs_ioctl_clone
CVE-2010-2101
PHP 5.2-5.2.13 and 5.3-5.3.2 - Memory Contents Exposure via Userspace Interruption
CVE-2010-2100
PHP 5.2-5.2.13 and 5.3-5.3.2 - Information Disclosure via Userspace Interruption of Internal Functions
CVE-2010-2097
PHP 5.2-5.2.13 and 5.3-5.3.2 - Memory Contents Exposure via Userspace Interruption of iconv Functions
CVE-2010-1294
Adobe ColdFusion <9.0 - Info Disclosure
CVE-2010-1457
GNUstep Base <1.20.0 - Info Disclosure
CVE-2010-1915
PHP 5.2-5.2.13 and 5.3-5.3.2 - Information Disclosure via preg_quote Interruption
CVE-2010-1914
PHP 5.2-5.2.13 and 5.3-5.3.2 - Information Disclosure via Zend Engine Opcode Interruption
CVE-2010-1907
Consona Dynamic Agent - Information Disclosure
CVE-2010-1864
PHP 5.2-5.2.13 and 5.3-5.3.2 - Memory Contents Exposure via addcslashes Interruption
CVE-2010-1862
PHP 5.2-5.2.13 and 5.3-5.3.2 - Information Disclosure via chunk_split Function Interruption
CVE-2010-1860
PHP 5.2-5.2.13 and 5.3-5.3.2 - Memory Contents Exposure via html_entity_decode Interruption
CVE-2010-1852
Microsoft Internet Explorer - Exposure of Sensitive Information via Invisible Hand Extension Cookie Handling
CVE-2010-1851
Google Chrome - Exposure of Sensitive Information via Invisible Hand Extension Cookie Handling
CVE-2010-1157
Apache Tomcat <6.0.26 - Info Disclosure
CVE-2010-0025
Microsoft Windows and Exchange Server - Unauthorized Email Content Exposure via SMTP Memory Allocation
CVE-2010-1149
udisks < 1.0 - Unauthorized Exposure of Encryption Keys via udev Export
CVE-2010-1138
VMware <7.0.1-3.0.1 - Info Disclosure
CVE-2010-1310
Opera Browser 10.50 - Exposure of Sensitive Information via XSLT Constructs
Details
Vulnerabilities 10,209
Exploit Likelihood High