CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4319 – Advanced Contact form 7 DB <= 2.0.2 - Missing Authorization to Unauthenticated Information Disclosure
https://notcve.org/view.php?id=CVE-2024-4319
The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vsz_cf7_export_to_excel' function in versions up to, and including, 2.0.2. This makes it possible for unauthenticated attackers to download the entry data for submitted forms. • https://plugins.trac.wordpress.org/browser/advanced-cf7-db/trunk/admin/class-advanced-cf7-db-admin.php#L1459 https://www.wordfence.com/threat-intel/vulnerabilities/id/2c66b185-fd4b-452d-890b-0f1850d8a7be?source=cve • CWE-862: Missing Authorization •
CVSS: 4.0EPSS: 0%CPEs: -EXPL: 0CVE-2023-4458 – Linux Kernel ksmbd smb2_open Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-4458
The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. •
CVSS: 5.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-39176 – Linux Kernel ksmbd Transform Header Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-39176
The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2023-39179 – Linux Kernel ksmbd Read Request Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-39179
The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-31878 – IBM i information disclosure
https://notcve.org/view.php?id=CVE-2024-31878
IBM i 7.2, 7.3, 7.4, and 7.5 Service Tools Server (SST) is vulnerable to SST user enumeration by a remote attacker. This vulnerability can be used by a malicious actor to gather information about SST users that can be targeted in further attacks. IBM X-Force ID: 287538. IBM i 7.2, 7.3, 7.4 y 7.5 Service Tools Server (SST) es vulnerable a la enumeración de usuarios de SST por parte de un atacante remoto. Esta vulnerabilidad puede ser utilizada por un actor malintencionado para recopilar información sobre los usuarios de SST que puede ser objeto de futuros ataques. • https://exchange.xforce.ibmcloud.com/vulnerabilities/287538 https://www.ibm.com/support/pages/node/7156725 • CWE-203: Observable Discrepancy •