CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,213 vulnerabilities with CWE-200
CVE-2009-2134
Pivot 1.40.4 and 1.40.7 - Exposure of Sensitive Information via Invalid URL Parameter
CVE-2009-2130
elvinbts 1.2.0 - Unauthenticated Sensitive Information Exposure via Direct Request
CVE-2009-1680
iPhone OS 1.0-2.2.1 and iPod touch 1.1-2.2.1 - Unauthorized Search History Exposure via Settings Clear
CVE-2009-0958
iPhone OS 1.0-2.2.1 and iPhone OS for iPod touch 1.1-2.2.1 - Untrusted Certificate Exception Storage
CVE-2009-2115
SkyBlueCanvas 1.1 r237 - Info Disclosure
CVE-2009-1835
Firefox < 3.0.11 - Unauthorized Cookie Access via file:// URL Parsing
CVE-2009-2042
libpng < 1.2.37 - Memory Information Disclosure via 1-bit Interlaced Image Parsing
CVE-2009-2031
smbfs <snv_84-snv_110 - Info Disclosure
CVE-2009-1140
Microsoft Internet Explorer Cross-Domain Information Disclosure via Cached Content Rendering
CVE-2009-1718
Safari < 4.0 - Exposure of Sensitive Information via Drag Event Handling
CVE-2009-1713
Apple Safari < 4.0 - Exposure of Sensitive Information via XSLT Document Function
CVE-2009-1706
Safari < 4.0 - Unauthorized Cookie Exposure via Private Browsing Feature
CVE-2009-1703
Apple Safari < 4.0 - Unauthorized File Existence Disclosure via Media Element file: URL
CVE-2009-1700
Apple Safari < 4.0 - Information Exposure via XSLT Redirect Handling
CVE-2009-0229
Microsoft Windows - Info Disclosure
CVE-2009-1296
ecryptfs-utils 73-0ubuntu6.1 - Unauthorized Exposure of Mount Passphrase in Installation Logs
CVE-2009-1949
Unclassified NewsBoard (UNB) <1.6.4 - Info Disclosure
CVE-2009-0783
MEDIUM
Apache Tomcat <6.0.19 - Info Disclosure
CVSS 4.2
CVE-2009-0580
Apache Tomcat <6.0.18 - Info Disclosure
CVE-2009-1900
IBM WebSphere Application Server <7.0.0.5 - Info Disclosure
CVE-2009-1898
IBM WebSphere Application Server (WAS) 6.0.2 - Info Disclosure
CVE-2009-1803
FreePBX 2.4.x-2.5.x and 2.6.x - Username Enumeration via Login Error Messages
CVE-2009-1769
OCS Inventory NG - Username Enumeration via Error Message Discrepancy
CVE-2009-1756
SLiM Simple Login Manager 1.3.0 - Local Exposure of X Authority Cookie via Command Line
CVE-2009-1556
Cisco WVC54GCA - Authenticated Arbitrary File Read via next_file Parameter
Details
Vulnerabilities
10,213
Exploit Likelihood
High