CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,213 vulnerabilities with CWE-200
CVE-2008-4029
Microsoft XML Core Services <4.0 - Info Disclosure
CVE-2008-4821
Adobe Flash Player <= 9.0.124.0 - Exposure of Sensitive Information via jar: URL Handling
CVE-2008-4820
Adobe Flash Player < 9.0.124.0 - Exposure of Sensitive Information
CVE-2008-4808
IBM Lotus Connections < 2.0 - Information Disclosure
CVE-2008-4747
Sun Java System LDAP JDK - Exposure of Sensitive Information via Search Feature
CVE-2008-4695
Opera < 9.60 - Unauthenticated Exposure of Sensitive Information via Cached Java Applet
CVE-2008-4721
PHP Jabbers Post Comment 3.0 - Unauthenticated Administrative Access via PostCommentsAdmin Cookie
CVE-2008-4693
IBM DB2 < 9.1 FP6 and < 9.5 FP2 - Sensitive Information Exposure in SORT/LIST SERVICES Trace Output
CVE-2008-4688
Mantis < 1.1.3 - Unauthorized Issue Data Exposure via Modified Issue Number
CVE-2008-4638
Symantec Veritas File System < 5.0 MP3 - Unauthenticated Arbitrary File Read via qioadmin Error Message
CVE-2008-3248
Symantec Veritas File System - Info Disclosure
CVE-2008-4635
hisa_cart < 1.29 - Exposure of Sensitive User Information
CVE-2008-4593
Apple iPhone 2.1 - Unauthorized SMS Exposure via Emergency Call Screen
CVE-2008-4412
HP Systems Insight Manager < 5.2 Update 2 - Exposure of Sensitive Information
CVE-2008-3474
MEDIUM
Microsoft Internet Explorer 6-7 - Info Disclosure
CVSS 6.5
CVE-2008-4491
Apple Mail.app 3.5 - Unprotected Sensitive Data Exposure via S/MIME Draft Storage
CVE-2008-3060
v-webmail 1.5.0 - Information Disclosure via Login Page Error Handling
CVE-2008-4445
Linux Kernel < 2.6.26.4 - Local Information Exposure via SCTP_HMAC_IDENT IOCTL Request
CVE-2008-4278
VMware VirtualCenter < 2.5 Update 3 - Cleartext Password Exposure via Special Characters
CVE-2008-4360
lighttpd < 1.4.20 - Unauthorized File Access via Case-Sensitive Filename Bypass
CVE-2008-4359
lighttpd < 1.4.20 - Unauthenticated Sensitive Information Exposure via URL Decoding Bypass
CVE-2008-4199
Opera < 9.52 - Exposure of Sensitive Information via Local Feed Source File Links
CVE-2008-4069
Firefox < 2.0.0.16 - Uninitialized Memory Exposure via XBM Image Decoder
CVE-2008-4207
Attachmax Dolphin <= 2.1.0 - Unauthenticated Sensitive Information Exposure via info.php
CVE-2008-4183
IntegraMOD 1.4.x - Unauthenticated Sensitive Information Exposure via Backup File Download
Details
Vulnerabilities
10,213
Exploit Likelihood
High