CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5014 – WhatsUp Gold GetASPReport Server-Side Request Forgery Information Disclosure
https://notcve.org/view.php?id=CVE-2024-5014
25 Jun 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to disclose information in the context of the application. • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5012 – WhatsUp Gold Missing Authentication GetWindowsCredential Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-5012
25 Jun 2024 — In WhatsUp Gold versions released before 2023.1.3, there is a missing authentication vulnerability in WUGDataAccess.Credentials. This vulnerability allows unauthenticated attackers to disclose Windows Credentials stored in the product Credential Library. En las versiones de WhatsUp Gold lanzadas antes de 2023.1.3, falta una vulnerabilidad de autenticación en WUGDataAccess.Credentials. Esta vulnerabilidad permite a atacantes no autenticados revelar las credenciales de Windows almacenadas en la librería de cr... • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5010 – WhatsUp Gold TestController multiple information disclosure vulnerabilities
https://notcve.org/view.php?id=CVE-2024-5010
25 Jun 2024 — A specially crafted unauthenticated HTTP request can lead to a disclosure of sensitive information. • https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37205 – WordPress affiliate-toolkit plugin <= 3.4.4 - Sensitive Data Exposure via Log File vulnerability
https://notcve.org/view.php?id=CVE-2024-37205
20 Jun 2024 — Insertion of Sensitive Information into Log File vulnerability in SERVIT Software Solutions.This issue affects affiliate-toolkit: from n/a through 3.4.4. ... The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.4 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files. • https://patchstack.com/database/vulnerability/affiliate-toolkit-starter/wordpress-affiliate-toolkit-plugin-3-4-4-sensitive-data-exposure-via-log-file-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44587 – WordPress WP 2FA plugin <= 2.6.3 - Sensitive Data Exposure via Log File vulnerability
https://notcve.org/view.php?id=CVE-2022-44587
20 Jun 2024 — Insertion of Sensitive Information into Log File vulnerability in WP 2FA allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP 2FA: from n/a through 2.6.3. ... The WP 2FA – Two-factor authentication for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.3 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information co... • https://patchstack.com/database/vulnerability/wp-2fa/wordpress-wp-2fa-plugin-2-6-3-sensitive-data-exposure-via-log-file-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37115 – WordPress Newspack Blocks plugin <= 3.0.8 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-37115
20 Jun 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Automattic Newspack Blocks.This issue affects Newspack Blocks: from n/a through 3.0.8. ... The Newspack Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.8. • https://patchstack.com/database/vulnerability/newspack-blocks/wordpress-newspack-blocks-plugin-3-0-8-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6102 – Debian Security Advisory 5716-1
https://notcve.org/view.php?id=CVE-2024-6102
19 Jun 2024 — (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6101 – Debian Security Advisory 5716-1
https://notcve.org/view.php?id=CVE-2024-6101
19 Jun 2024 — (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6100 – Debian Security Advisory 5716-1
https://notcve.org/view.php?id=CVE-2024-6100
19 Jun 2024 — (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6103 – Debian Security Advisory 5716-1
https://notcve.org/view.php?id=CVE-2024-6103
19 Jun 2024 — (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html • CWE-416: Use After Free •