CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,209 vulnerabilities with CWE-200
CVE-2010-0648
Firefox < 3.5.7 - Unauthorized URL Exposure via Stylesheet LINK Element
CVE-2010-0644
Google Chrome < 4.0.249.89 - Sensitive Information Exposure via SOCKS 5 Proxy DNS Queries
CVE-2010-0643
Google Chrome < 4.0.249.89 - Unintended Direct Connection Information Exposure
CVE-2010-0642
Cisco Collaboration Server 5 - Unauthenticated Sensitive Information Exposure via URL-Encoded Filename Extension Bypass
CVE-2010-0563
IBM WebSphere Application Server 7.0.0.0-7.0.0.8 - Sensitive Information Exposure via SSL Misconfiguration
CVE-2010-0551
Geo++ GNCASTER < 1.4.0.7 - Unauthenticated Sensitive Information Exposure via HTTP Authentication Memory Disclosure
CVE-2010-0549
Xerox WorkCentre 6400 Exposure of Sensitive Information via Crafted PostScript File
CVE-2010-0548
Xerox WorkCentre 5632, 5638, 5645, 5655, 5665, 5675, 5687 - Unauthenticated Exposure of Sensitive Information
CVE-2010-0464
Roundcube Webmail < 0.3.1 - Unauthorized DNS Prefetching Exposure
CVE-2010-0463
Horde IMP < 4.3.6 - Exposure of Sensitive Information via DNS Prefetching
CVE-2010-0004
ViewVC < 1.1.3 - Unauthorized Exposure of Private Root Names
CVE-2010-0003
Linux Kernel < 2.6.32.4 - Unauthorized Memory Exposure via Signal Log
CVE-2010-0385
Tor < 0.2.1.22 and 0.2.2.x < 0.2.2.7-alpha - Exposure of Sensitive Information via Bridge Descriptor Query
CVE-2010-0384
Tor 0.2.2.x before 0.2.2.7-alpha - Exposure of Sensitive Information via Directory Mirror Logs
CVE-2010-0383
Tor < 0.2.1.22 and 0.2.2.x < 0.2.2.7-alpha - Exposure of Sensitive Information via Deprecated Identity Keys
CVE-2009-5045
HIGH
Eclipse Jetty < 6.1.22 - Information Disclosure via Dump Servlet
CVSS 7.5
CVE-2009-2899
SpringSource Hyperic HQ < 4.2 - Exposure of Sensitive Information via Sybase Database Plugin
CVE-2009-5122
Websense Email Security < 7.2 - Unauthenticated Sensitive Information Exposure via JBoss Status Page
CVE-2009-5117
McAfee Host Data Loss Prevention 3.x-3.0.100.10 & 9.x-9.0.0.422 - Sensitive Information Exposure
CVE-2009-5112
iwork WebGlimpse <= 2.18.7 - Exposure of Sensitive Information via wgarcmin.cgi
CVE-2009-5101
Pentaho BI Server < 1.7.0.1062 - Session ID Exposure via URL
CVE-2009-5100
Pentaho BI Server < 1.7.0.1062 - Password Exposure via Autocomplete
CVE-2009-0788
Red Hat Network Satellite Server <5.5 - Info Disclosure
CVE-2009-5035
IBM Lotus Notes Traveler < 8.5.0.1 - Exposure of Sensitive Information via Nokia Client
CVE-2009-5033
IBM Lotus Notes Traveler < 8.5.0.1 - Authenticated Exposure of Sensitive Information via Sync Operation
Details
Vulnerabilities
10,209
Exploit Likelihood
High