CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,215 vulnerabilities with CWE-200
CVE-2007-5701
IBM Lotus Domino < 7.0.3 - Unauthenticated Sensitive Information Exposure via CA Command Uppercase Bypass
CVE-2007-5335
Firefox < 2.0.0.7 - Exposure of Sensitive System Information via addMicrosummaryGenerator
CVE-2007-5654
LiteSpeed Web Server < 3.2.3 - Mime Type Injection via Null Byte Extension Bypass
CVE-2007-5637
Nortel Business Communications Manager - Unauthenticated Eavesdropping via Open Audio Stream
CVE-2007-5638
Nortel Business Communications Manager - Exposure of Sensitive Information via RUDP ID Predictability
CVE-2007-3850
Linux Kernel < 2.6.21 - Unauthorized Physical Memory Read via eHCA Driver
CVE-2007-5337
Mozilla Firefox < 2.0.0.7 and SeaMonkey < 1.1.4 - Unauthorized File Read via gnome-vfs URI Schemes
CVE-2007-5379
Ruby on Rails < 1.2.4 - Unauthenticated Arbitrary File Existence Disclosure and XML File Read via Hash.from_xml
CVE-2007-5576
BEA Tuxedo 8.0-8.1 and WebLogic Enterprise 5.1 - Cleartext Password Exposure via cnsbind/cnsunbind/cnsls Commands
CVE-2007-5549
Cisco IOS - Exposure of Sensitive Information via Command EXEC Bypass
CVE-2007-5550
Cisco IOS - Exposure of Sensitive Information via Common Network Service
CVE-2007-5554
Oracle Database Server - Exposure of Sensitive Information via Crafted Packets
CVE-2007-5555
Symantec Altiris Deployment Solution - Authentication Credentials Information Leakage
CVE-2007-5473
Mono < 1.2.5.1 - Exposure of Sensitive Information via Trailing Space or Dot in Request
CVE-2007-5470
Microsoft Expression Media - Cleartext Password Exposure in Catalog IVC File
CVE-2007-5195
SUSE Linux novell-groupwise-client - Credential Exposure via Man-in-the-Middle Attack
CVE-2007-5196
SUSE Linux Enterprise Desktop 10 - SSL Credential Exposure via Man-in-the-Middle Attack
CVE-2007-5444
CMS Made Simple 1.1.3.1 - Unauthenticated Path Disclosure via Direct File Request
CVE-2007-5439
CA eTrust ITM 8.1 - Exposure of Sensitive Information via Predictable Log File Names
CVE-2007-5431
MyFTPUploader Module in Stride 1.0 - Exposure of Sensitive FTP Credentials in imageupload.js
CVE-2007-5432
Stride CMS 1.0 - Unauthenticated Exposure of Sensitive Information via Default Credentials
CVE-2007-5420
3Com 3CRWER100-75 1.2.10ww - Information Disclosure via Web Server
CVE-2007-5264
Battlefront Dropteam <= 1.3.3 - Unauthenticated Exposure of Sensitive Information via Game Server
CVE-2007-5201
duplicity < 0.4.9 - Exposure of Sensitive Information via FTP Backend Command Line Argument
CVE-2007-5172
Quicksilver Forums < 1.4.0 - Unauthenticated Sensitive Information Exposure via Database Error Message
Details
Vulnerabilities
10,215
Exploit Likelihood
High