CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,209 vulnerabilities with CWE-200
CVE-2009-2797
Safari <3.1-3.1.1 - Info Disclosure
CVE-2009-2796
Apple iPhone OS <3.0.1 - Info Disclosure
CVE-2009-2266
OXID eShop <4.1.4-21266, 3.x, 2.x - Info Disclosure
CVE-2009-3097
HP Performance Insight 5.3 - Exposure of Sensitive Information
CVE-2009-3086
Ruby on Rails 2.1.0-2.2.2 and 2.3.x < 2.3.4 - Timing Attack via Cookie Digest Verification
CVE-2009-3002
Linux Kernel < 2.6.31 - Information Disclosure via Uninitialized Memory in getname Functions
CVE-2009-3001
Linux Kernel < 2.6.31 - Uninitialized Memory Exposure via llc_ui_getname
CVE-2009-2956
IBM WebSphere Commerce Suite - Exposure of Sensitive Information via Configuration Files
CVE-2009-2856
Sun Virtual Desktop Infrastructure 3.0 - Unauthenticated Exposure of Sensitive Information via LDAP Session Sniffing
CVE-2009-2691
Linux kernel <2.6.30.4 - Info Disclosure
CVE-2009-2200
Apple Safari <4.0.3 - Info Disclosure
CVE-2009-2475
Sun Java SE 5.0 < Update 20 & 6 < Update 15 - Info Disclosure
CVE-2009-2711
OpenSolaris - Unauthorized Exposure of Sensitive Information via Popup Windows
CVE-2009-1870
Adobe AIR < 1.5.2 - Exposure of Sensitive Information via SWF File Saving
CVE-2009-2495
MEDIUM
Microsoft Visual Studio .NET 2003-2008 - Info Disclosure
CVSS 6.5
CVE-2009-2445
Oracle iPlanet Web Server <7.0 - Info Disclosure
CVE-2009-2332
CMS Chainuk < 1.2 - Exposure of Sensitive Information via Crafted id Parameter
CVE-2009-2329
KerviNet Forum <1.1 - Info Disclosure
CVE-2009-2274
Huawei D100 - Unauthenticated Sensitive Information Exposure via Direct ASP Request
CVE-2009-2260
stardict 3.0.1 - Unauthenticated Exposure of Sensitive Information via Net Dict Clipboard Transmission
CVE-2009-2046
Cisco Video Surveillance 2500 Series IP Camera <2.1 - Info Disclosure
CVE-2009-2134
Pivot 1.40.4 and 1.40.7 - Exposure of Sensitive Information via Invalid URL Parameter
CVE-2009-2130
elvinbts 1.2.0 - Unauthenticated Sensitive Information Exposure via Direct Request
CVE-2009-1680
iPhone OS 1.0-2.2.1 and iPod touch 1.1-2.2.1 - Unauthorized Search History Exposure via Settings Clear
CVE-2009-0958
iPhone OS 1.0-2.2.1 and iPhone OS for iPod touch 1.1-2.2.1 - Untrusted Certificate Exception Storage
Details
Vulnerabilities
10,209
Exploit Likelihood
High