CVSS: 8.4EPSS: 0%CPEs: 12EXPL: 0CVE-2024-30034 – Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-30034
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del controlador del minifiltro de archivos en la nube de Windows This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30034 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34754 – WordPress Contact Form Widget plugin <= 1.3.9 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-34754
This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/new-contact-form-widget/wordpress-contact-form-widget-plugin-1-3-9-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-27829 – Apple macOS VideoToolbox Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-27829
The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • http://seclists.org/fulldisclosure/2024/May/12 https://support.apple.com/en-us/HT214106 https://support.apple.com/kb/HT214106 • CWE-788: Access of Memory Location After End of Buffer •
CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-23576 – HCL Commerce is potentially affected by a denial of service and information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2024-23576
Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112907 • CWE-285: Improper Authorization •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50718 – NocoDB SQL Injection vulnerability
https://notcve.org/view.php?id=CVE-2023-50718
This vulnerability may result in leakage of sensitive data in the database. • https://github.com/nocodb/nocodb/security/advisories/GHSA-8fxg-mr34-jqr8 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •