CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,213 vulnerabilities with CWE-200
CVE-2008-3901
Software Suspend 2-2.2.1 - Info Disclosure
CVE-2008-3857
IBM DB2 9.1 - Exposure of Sensitive Information via Base Service Utilities
CVE-2008-3777
Avaya SIP Enablement Services 5.0 - Info Disclosure
CVE-2008-2937
Postfix 2.5-2.5.3 and 2.6 < 20080814 - Unauthorized Mailbox File Access
CVE-2008-3514
VMware VirtualCenter <2.0.2-2.5 - Info Disclosure
CVE-2008-3651
ipsec-tools racoon daemon - Memory Leak via Invalid Proposals
CVE-2008-0082
Windows Messenger 4.7 and 5.1 - Exposure of Sensitive Information via Messenger.UIAutomation.1 ActiveX Control
CVE-2008-2246
Windows Vista through SP1 and Server 2008 - Unauthorized Access via IPsec Policy Import Failure
CVE-2008-3550
IBM Rational ClearQuest 7.0.1 - Info Disclosure
CVE-2008-3272
Linux kernel <2.6.27-rc2 - Info Disclosure
CVE-2008-3451
PhpWebGallery <1.7.2 - Info Disclosure
CVE-2008-3458
Vtiger CRM <5.0.4 - Info Disclosure
CVE-2008-3400
xrms_crm 1.99.2 - Exposure of Sensitive Information via Direct Request to tests/info.php
CVE-2008-3339
Jobbex JobSite - Information Exposure via Error Message
CVE-2008-3327
Moodle 1.6.5 - Exposure of Sensitive Information via Direct Request to Blog and Stats Pages
CVE-2008-3304
BilboBlog 0.2.1 - Exposure of Sensitive Information via Error Message
CVE-2008-3259
OpenSSH < 5.1 - Local X11 Forwarding Port Hijack via SO_REUSEADDR
CVE-2008-3168
Empire Server <4.3.15 - Info Disclosure
CVE-2008-3171
Apple Safari - Sensitive Information Exposure via Referer Header
CVE-2008-2318
Xcode Tools < 3.1 - Exposure of Sensitive Information via WOHyperlink Session ID
CVE-2008-3147
WeFi 3.2.1.4.1 - Unprotected Wi-Fi Credential Exposure in Diagnostic Mode Logs
CVE-2008-3138
Wireshark <1.0.0 - DoS
CVE-2008-3139
Wireshark <1.0.0 - DoS
CVE-2008-3141
Wireshark 0.9.5-1.0.0 - Exposure of Sensitive Information via RMI Dissector
CVE-2008-3114
Sun Java Web Start <6 - Info Disclosure
Details
Vulnerabilities 10,213
Exploit Likelihood High