CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33859 – IBM Security ReaQta information disclosure
https://notcve.org/view.php?id=CVE-2023-33859
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257697 https://www.ibm.com/support/pages/node/7159770 • CWE-204: Observable Response Discrepancy •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6554 – Branda – White Label WordPress, Custom Login Page Customizer <= 3.4.18 - Unauthenticated Full Path Disclosure
https://notcve.org/view.php?id=CVE-2024-6554
The Branda – White Label WordPress, Custom Login Page Customizer plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.4.18. ... The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. • https://plugins.trac.wordpress.org/browser/branda-white-labeling/trunk/misc/composer/prefix-fixer.php https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3115603%40branda-white-labeling&new=3115603%40branda-white-labeling&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/0a79eb25-a7d1-4102-97e6-8fa8db9ed03e?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6210 – Duplicator <= 1.5.9 - Full Path Disclosure
https://notcve.org/view.php?id=CVE-2024-6210
The Duplicator plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 1.5.9. ... On its own, this information is of very limited use. • https://plugins.trac.wordpress.org/browser/duplicator/trunk/installer/dup-installer/main.installer.php#L51 https://plugins.trac.wordpress.org/changeset/3108563/duplicator/trunk/installer/dup-installer/main.installer.php?old=3073248&old_path=duplicator%2Ftrunk%2Finstaller%2Fdup-installer%2Fmain.installer.php https://www.wordfence.com/threat-intel/vulnerabilities/id/d47d582d-7c90-4f49-aee1-03a8775b850d?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-21524
https://notcve.org/view.php?id=CVE-2024-21524
It's possible to return previously allocated memory, for example, by providing negative indexes, leading to an Information Disclosure. • https://gist.github.com/dellalibera/0bb022811224f81d998fa61c3175ee67 https://github.com/magiclen/node-stringbuilder/blob/5c2797d3d6bf8cb6d10fe1e077609cef9a5a7de0/src/node-stringbuilder.c%23L1281 https://security.snyk.io/vuln/SNYK-JS-NODESTRINGBUILDER-6421617 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38301
https://notcve.org/view.php?id=CVE-2024-38301
A low privileged attacker could potentially exploit this vulnerability, leading to denial of service on the local system and information disclosure. • https://www.dell.com/support/kbdoc/en-us/000225774/dsa-2024-258 • CWE-1107: Insufficient Isolation of Symbolic Constant Definitions •