CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,213 vulnerabilities with CWE-200
CVE-2008-4180
NooMS 1.1 - Unauthenticated Password Brute Force via Database Credential Parameters
CVE-2008-4164
MemHT Portal <= 3.9.0 - Exposure of Sensitive Information via Direct Request to cron.php
CVE-2008-4170
osCommerce 2.2 RC 2a - Information Exposure via Invalid dob Parameter
CVE-2008-4125
phpBB 2.x - Exposure of Sensitive Information via Search Function PRNG State Leak
CVE-2008-4115
TalkBack 2.3.6 - Unauthenticated Sensitive Information Exposure via info.php
CVE-2008-4113
Linux Kernel < 2.6.26.4 - Sensitive Information Exposure via SCTP_HMAC_IDENT IOCTL
CVE-2008-2330
Apple Mac OS X Server 10.5-10.5.4 - Unauthorized Password Exposure via slapconfig Output File
CVE-2008-2329
Mac OS X 10.5-10.5.4 - User Name Enumeration via Login Window Wildcard Characters
CVE-2008-3274
Red Hat Enterprise IPA <1.1.1 - Info Disclosure
CVE-2008-3962
ssmtp 2.61 and 2.62 - Exposure of Sensitive Information via Uninitialized Memory in From Field
CVE-2008-3914
ClamAV < 0.93.3 - File Descriptor Leak in Error Path
CVE-2008-3634
Apple iTunes <8.0 - Info Disclosure
CVE-2008-3539
HP OpenView Select Identity - Unspecified Vuln
CVE-2008-3903
Asterisk Open Source <1.2.32, 1.4.24.1, 1.6.0.8 - Info Disclosure
CVE-2008-2736
Cisco ASA 5500 Sensitive Information Exposure via Clientless SSL VPN
CVE-2008-3902
HP firmware 68DTT F.0D - Info Disclosure
CVE-2008-2101
VMware ESX 3.0.1-3.0.3 and 3.5 - Exposure of Sensitive Information via VCB Command-Line Password
CVE-2008-3893 MEDIUM
Microsoft Bitlocker <Windows Vista SP1 - Info Disclosure
CVSS 5.5
CVE-2008-3894
IBM Lenovo firmware <7CETB5WW 2.05 - Info Disclosure
CVE-2008-3895
LILO < 22.6.1 - Unauthenticated Exposure of Sensitive Information via BIOS Keyboard Buffer
CVE-2008-3896
Grub Legacy <0.97 - Info Disclosure
CVE-2008-3897
DiskCryptor 0.2.6 - Info Disclosure
CVE-2008-3898
Secu Star DriveCrypt Plus Pack 3.9 - Info Disclosure
CVE-2008-3899
TrueCrypt 5.0 - Exposure of Sensitive Information via BIOS Keyboard Buffer
CVE-2008-3900
Intel firmware PE94510M.86A.0050.2007.0710.1559 - Info Disclosure
Details
Vulnerabilities 10,213
Exploit Likelihood High