CWE-200

High likelihood

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,215 vulnerabilities with CWE-200
CVE-2008-0995
Mac OS X 10.5.2 - Weak Encryption in Printing Component
CVE-2008-0996
Mac OS X 10.5.2 - Unprotected User Data Exposure via Printing Component
CVE-2008-0050
Mac OS X 10.4.11 - HTTPS Proxy Spoofing via 502 Bad Gateway Error
CVE-2008-1330
Novell GroupWise <7-SP3, <6.5-SP6U3 - Info Disclosure
CVE-2008-1318
MediaWiki <1.11.2 - Info Disclosure
CVE-2008-1288
IBM Rational ClearQuest <7.0.1.1-7.0.0.2 - Info Disclosure
CVE-2008-1270
lighttpd < 1.4.18 - Unauthenticated Arbitrary File Read via mod_userdir Default Path
CVE-2008-1252
Deutsche Telekom Speedport W500 - Info Disclosure
CVE-2008-1181
Juniper Networks Secure Access <5.5 R1 - Info Disclosure
CVE-2008-1166
Flyspray 0.9.9.4 - Username Enumeration via Error Message Discrepancy
CVE-2008-1111
lighttpd 1.4.18 - Exposure of Sensitive Information via mod_cgi Fork Failure
CVE-2008-1135
OMEGA INterneSErvicesLosungen 7 - Username Enumeration via Login Error Response
CVE-2008-1113
Cisco Unified Wireless IP Phone 7921 - MITM
CVE-2008-0978
Double-Take <= 5.0.0.2865 - Unauthenticated Sensitive Information Exposure via Packet Type
CVE-2008-0938
Solaris 10 - Unauthorized Sensitive Kernel Information Exposure via DTrace
CVE-2008-0901
BEA WebLogic Server 7.0-10.0 - Unauthenticated Password Brute-Force via URL Response
CVE-2008-0904
BEA Plumtree Collaboration 4.1-SP2 & AquaLogic Interaction 4.2-MP1 - Arbitrary File Read via Download Servlet
CVE-2008-0863
BEA WebLogic Server/Express 9.0/9.1 - Unauthenticated Sensitive Information Exposure via WSDL
CVE-2008-0784
Cacti 0.8.6-0.8.7 - Exposure of Sensitive Information via Invalid local_graph_id Parameter
CVE-2008-0736
CandyPress 4.1.1.26 - Path Exposure via FedExAccount Parameter
CVE-2008-0041
Mac OS X 10.5-10.5.1 - Unauthorized Data Exposure via Parental Controls Web Request
CVE-2008-0636
Level Platforms Managed Workplace Service Center 4.x-6.x - Information Exposure via Direct Request to About/SC_About.htm
CVE-2008-0420
Firefox < 2.0.0.11 - Memory Exposure via BMP Image Decoding
CVE-2008-0593
Firefox < 2.0.0.12 and SeaMonkey < 1.1.8 - Same Origin Policy Bypass via Stylesheet DOM Node .href Property
CVE-2008-0655 HIGH KEV
Adobe Acrobat and Reader < 8.1.2 - Exposure of Sensitive Information
CVSS 8.8
Details
Vulnerabilities 10,215
Exploit Likelihood High