CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,215 vulnerabilities with CWE-200
CVE-2007-3756
Safari 3 < Beta Update 3.0.4 - Exposure of Sensitive Information via Parent Window URL Identification
CVE-2007-5129
SimpGB 1.46.02 - Exposure of Sensitive Information via Direct Request
CVE-2007-5034
ELinks < 0.11.3 - Sensitive Data Exposure via HTTPS Proxy CONNECT Request
CVE-2007-4991
Microsoft ISA Server 2004 SP1 and SP2 - Information Disclosure via Empty SOCKS4 Packet
CVE-2007-5028
Dibbler 0.6.0 - Exposure of Sensitive Information via Weak File Permissions
CVE-2007-5022
IBM Tivoli Storage Manager Client 5.1-5.1.8.1 - Sensitive Information Exposure via Prompted Scheduling
CVE-2007-5011
WebBatch < 2007c - Exposure of Sensitive Information via dumpinputdata Parameter
CVE-2007-4655
CGI RESCUE Shopping Basket Pro <7.51 - Path Traversal
CVE-2007-4656
Backup Manager <0.6.3 - Info Disclosure
CVE-2007-4669
Firebird < 2.0.1 - Authenticated Sensitive Information Exposure via Services API
CVE-2007-3382
Apache Tomcat Session ID Exposure via Cookie Delimiter Mishandling
CVE-2007-3385
Apache Tomcat 3.3-6.0.13 - Exposure of Sensitive Information via Cookie Value Handling
CVE-2007-2402
Apple Quicktime <7.2 - Info Disclosure
CVE-2007-0042
Microsoft .NET Framework 1.0, 1.1, 2.0 - Unauthorized Sensitive Information Exposure via Null Byte Injection
CVE-2007-3656
Firefox < 1.8.0.13 and 1.8.1.x < 1.8.1.5 - Exposure of Sensitive Information via wyciwyg URI Handling
CVE-2007-3074
Firefox <= 2.0.0.4 - Unauthenticated Local File Read via resource:// URI
CVE-2007-3008
Mbedthis AppWeb - HTTP TRACE Method Enabled
CVE-2007-2780
PsychoStats <3.0.6b - Info Disclosure
CVE-2007-2768
OpenSSH - User Enumeration via OPIE PAM Response Discrepancy
CVE-2007-2748
PHP < 5.2.1 - Information Disclosure via substr_count Function
CVE-2007-2590
Nokia Intellisync Mobile Suite - Info Disclosure
CVE-2007-2552
WikkaWiki <1.1.6.3 - Info Disclosure
CVE-2007-2479
MEDIUM
Cerulean Studios Trillian Pro <3.1.5.1 - Info Disclosure
CVSS 5.9
CVE-2007-2379
jQuery - Exposure of Sensitive Information via JSON Data Hijacking
CVE-2007-2353
Apache Axis 1.0 - Information Disclosure via Non-Existent WSDL Request
Details
Vulnerabilities
10,215
Exploit Likelihood
High