CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37498 – WordPress Tablesome plugin <= 1.0.33 - Sensitive Data Exposure via API vulnerability
https://notcve.org/view.php?id=CVE-2024-37498
04 Jul 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pauple Table & Contact Form 7 Database – Tablesome.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.33. ... The Tablesome – Responsive Table, Woocommerce Automation, Email Log, Form Automation – Contact Form 7, Elementor, WPForms, Forminator plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.33 due to insufficient capability... • https://patchstack.com/database/vulnerability/tablesome/wordpress-tablesome-plugin-1-0-33-sensitive-data-exposure-via-api-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31223 – Fides Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL
https://notcve.org/view.php?id=CVE-2024-31223
03 Jul 2024 — This could result in disclosure of server-side configuration giving an attacker information on server-side ports, private IP addresses, and/or private domain names. • https://github.com/ethyca/fides/commit/0555080541f18a5aacff452c590ac9a1b56d7097 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.3EPSS: 20%CPEs: 2EXPL: 0CVE-2024-39891 – Twilio Authy Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-39891
02 Jul 2024 — Specifically, the endpoint accepted a stream of requests containing phone numbers, and responded with information about whether each phone number was registered with Authy. ... Twilio Authy contains an information disclosure vulnerability in its API that allows an unauthenticated endpoint to accept a request containing a phone number and respond with information about whether the phone number was registered with Authy. • https://cwe.mitre.org/data/definitions/203.html • CWE-203: Observable Discrepancy •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2024-38476 – Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect
https://notcve.org/view.php?id=CVE-2024-38476
01 Jul 2024 — Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. ... Backend applications whose response headers are mali... • https://httpd.apache.org/security/vulnerabilities_24.html • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-36996 – Information Disclosure of user names
https://notcve.org/view.php?id=CVE-2024-36996
01 Jul 2024 — This disclosure could then lead to additional brute-force password-guessing attacks. • https://advisory.splunk.com/advisories/SVD-2024-0716 • CWE-204: Observable Response Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 128EXPL: 0CVE-2024-21466 – Integer Underflow (Wrap or Wraparound) in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-21466
01 Jul 2024 — Information disclosure while parsing sub-IE length during new IE generation. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.1EPSS: 0%CPEs: 30EXPL: 0CVE-2024-21460 – Use of Insufficiently Random Values in Core
https://notcve.org/view.php?id=CVE-2024-21460
01 Jul 2024 — Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in virtual address space. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.8EPSS: 0%CPEs: 222EXPL: 0CVE-2024-21458 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2024-21458
01 Jul 2024 — Information disclosure while handling SA query action frame. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 222EXPL: 0CVE-2024-21457 – Buffer Over-read in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-21457
01 Jul 2024 — INformation disclosure while handling Multi-link IE in beacon frame. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 9.4EPSS: 0%CPEs: 43EXPL: 0CVE-2024-21456 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2024-21456
01 Jul 2024 — Information Disclosure while parsing beacon frame in STA. • https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2024-bulletin.html • CWE-126: Buffer Over-read •