CWE-200
High likelihoodExposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
10,217 vulnerabilities with CWE-200
CVE-2006-5702
Tikiwiki 1.9.5 - Exposure of Sensitive Information via Empty sort_mode Parameter
CVE-2006-5725
AEP Smartgate SSL Server 4.3b - Directory Existence Disclosure via HTTP Status Code
CVE-2006-5229
OpenSSH - Username Enumeration via Timing Discrepancy
CVE-2006-4595
muforum 0.4c - Exposure of Sensitive Information via Insufficient Access Control
CVE-2006-4537
OpenVMS ALPHA 7.3-2 and 8.2 - Password Exposure in NET$SESSION_CONTROL.EXE Audit Log
CVE-2006-4223
IBM WebSphere Application Server < 6.0.2.13 - Sensitive Information Exposure via JSP Source Code
CVE-2006-4136
IBM WebSphere Application Server < 6.1.0.1 - Exposure of Sensitive Information via SOAP Requests and MBean
CVE-2006-4006
BomberClone <= 0.11.6 - Exposure of Sensitive Information via Packet Data Size Mismanagement
CVE-2006-3561
BT Voyager 2091 Wireless <3.01m - Auth Bypass
CVE-2006-3365
v3_chat - Exposure of Sensitive Information via Invalid SQL Query Error
CVE-2006-2384
Microsoft Internet Explorer < 6.0 - Address Bar Spoofing via Modal Window
CVE-2006-2950
Net Portal Dynamic System <5.10 - Info Disclosure
CVE-2006-2900
Internet Explorer 6 - Info Disclosure
CVE-2006-2613
Mozilla Firefox and Suite - Information Exposure via Exception Message
CVE-2006-2535
Destiney Links Script 2.1.2 - Exposure of Sensitive Information via Invalid Show Parameter
CVE-2006-2356
Ipswitch WhatsUp Professional 2006 - Exposure of Sensitive Information via nDeviceGroupID Parameter
CVE-2006-1439
Apple Mac OS X 10.4.6 - Info Disclosure
CVE-2006-2341
Symantec Enterprise Firewall 8.0 / Gateway Security 2.0.1-3.0 - Internal IP Address Exposure
CVE-2006-2111
Microsoft Outlook Express 6 - Exposure of Sensitive Information via MHTML URI Handler
CVE-2006-1677
MAXdev MDPro <1.076 - Info Disclosure
CVE-2006-1367
Motorola PEBL U6 08.83.76R - Info Disclosure
CVE-2006-0861
Michael Salzer Guestbox < 0.8 - Unauthenticated Sensitive Information Exposure via Direct Request
CVE-2006-0707
PyBlosxom < 1.3.2 - Unauthenticated Arbitrary File Read via Multiple Leading Slash Characters
CVE-2006-0369
MySQL 5.0.18 - Exposure of Sensitive Information via VIEW Query
CVE-2006-0353
GNU lsh 2.0.1 - Exposure of Sensitive Information via Randomness Generator File Descriptor Leak
Details
Vulnerabilities
10,217
Exploit Likelihood
High