CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,215 vulnerabilities with CWE-200
CVE-2008-3141
Wireshark 0.9.5-1.0.0 - Exposure of Sensitive Information via RMI Dissector
CVE-2008-3114
Sun Java Web Start <6 - Info Disclosure
CVE-2008-3094
Organic Groups < 5.x-7.3 and < 6.x-1.0-RC1 - Unauthorized Sensitive Information Exposure
CVE-2008-3078
Opera < 9.51 - Uninitialized Memory Exposure via CANVAS Element
CVE-2008-0085
Microsoft SQL Server Memory Page Reuse Information Exposure
CVE-2008-2807
Firefox < 2.0.0.15 and SeaMonkey < 1.1.10 - Unauthorized Memory Read via Invalid Add-on Properties File
CVE-2008-3040
TYPO3 DAM Frontend Extension < 0.1.0 - Exposure of Sensitive Information
CVE-2008-3049
pdf_generator2 < 0.5.0 - Exposure of Sensitive Information
CVE-2008-0598
Linux Kernel 2.6.9 2.6.18 - Uninitialized Memory Exposure via Crafted Binary
CVE-2008-2729
Linux Kernel < 2.6.19 - Information Exposure via Exception During Memory Copy
CVE-2008-2881
Relative Real Estate Systems < 3.0 - Cleartext Password Storage
CVE-2008-2864
eLineStudio Site Composer <= 2.6 - Exposure of Sensitive Information via Direct Request
CVE-2008-2782
OtomiGenX 2.2 - Directory Traversal and Arbitrary File Execution via Lang Parameter
CVE-2008-2747
No-IP Dynamic Update Client 2.2.1 - Unauthorized Exposure of Sensitive Information via Registry Key Permissions
CVE-2008-2721
Menalto Gallery < 2.2.5 - Unauthorized Hidden Album Title Exposure via Album-Select Module
CVE-2008-2723
Menalto Gallery < 2.2.5 - Exposure of Sensitive Information via embed.php
CVE-2008-2715
Opera < 9.50 - Cross-Domain Image Reading via HTML Canvas Pattern
CVE-2008-2681
Realm CMS < 2.3 - Exposure of Sensitive Information via Direct Request to _db/compact.asp
CVE-2008-2517
SaraB < 0.2.4 - Local Sensitive Information Exposure via Command-Line Encryption Key
CVE-2008-1578
Apple Mac OS X <10.5.3 - Info Disclosure
CVE-2008-1579
Wiki Server <10.5.3 - Info Disclosure
CVE-2008-1580
Apple Mac OS X <10.5.3 - Info Disclosure
CVE-2008-2004
QEMU 0.9.1 - Exposure of Sensitive Information via Disk Image Header Manipulation
CVE-2008-2159
Microsoft Internet Explorer 7 - Unauthorized Cache Storage of Encrypted Pages
CVE-2008-2120
Sun Java System Application Server < 7.0 and Web Server < 6.1 - Unauthorized JSP Source Code Exposure
Details
Vulnerabilities 10,215
Exploit Likelihood High