CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36307 – Trend Micro Apex One Security Agent Link Following Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-36307
06 Jun 2024 — A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. ... This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. • https://success.trendmicro.com/dcx/s/solution/000298063 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35710 – WordPress Podlove Web Player plugin <= 5.7.3 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-35710
06 Jun 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web Player.This issue affects Podlove Web Player: from n/a through 5.7.3. ... This makes it possible for unauthenticated attackers to view information they should not have access to. • https://patchstack.com/database/vulnerability/podlove-web-player/wordpress-podlove-web-player-plugin-5-7-3-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35682 – WordPress Otter Blocks PRO plugin <= 2.6.11 - Authenticated Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-35682
06 Jun 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter Blocks PRO.This issue affects Otter Blocks PRO: from n/a through 2.6.11. ... The Otter Blocks PRO – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.11. • https://patchstack.com/database/vulnerability/otter-pro/wordpress-otter-blocks-pro-plugin-2-6-11-authenticated-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1662 – Information Disclosure in Porty's PowerBank
https://notcve.org/view.php?id=CVE-2024-1662
05 Jun 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PORTY Smart Tech Technology Joint Stock Company PowerBank Application allows Retrieve Embedded Sensitive Data.This issue affects PowerBank Application: before 2.02. • https://www.usom.gov.tr/bildirim/tr-24-0602 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1272 – Information Disclosure to Source Code in TNB Mobile Solutions' Cockpit Software
https://notcve.org/view.php?id=CVE-2024-1272
05 Jun 2024 — Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data.This issue affects Cockpit Software: before v0.251.1. • https://www.usom.gov.tr/bildirim/tr-24-0601 • CWE-540: Inclusion of Sensitive Information in Source Code •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2024-28818
https://notcve.org/view.php?id=CVE-2024-28818
05 Jun 2024 — This can lead to disclosure of sensitive information. • https://semiconductor.samsung.com/support/quality-support/product-security-updates •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2023-49928
https://notcve.org/view.php?id=CVE-2023-49928
05 Jun 2024 — This can lead to disclosure of sensitive information. • https://semiconductor.samsung.com/support/quality-support/product-security-updates •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4220 – Information Disclosure in BeyondInsight
https://notcve.org/view.php?id=CVE-2024-4220
04 Jun 2024 — Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames. • https://www.beyondtrust.com/trust-center/security-advisories/BT24-06 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5483 – LearnPress – WordPress LMS Plugin <= 4.2.6.8 - Basic Information Disclosure via JSON API
https://notcve.org/view.php?id=CVE-2024-5483
04 Jun 2024 — The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.8 due to incorrect implementation of get_items_permissions_check function. This makes it possible for unauthenticated attackers to extract basic information about website users, including their emails El complemento LearnPress – WordPress LMS Plugin para WordPress es vulnerable a la exposición de información confidencial en todas las versiones h... • https://plugins.trac.wordpress.org/browser/learnpress/tags/4.2.6.8/inc/jwt/rest-api/version1/class-lp-rest-users-v1-controller.php#L130 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29170
https://notcve.org/view.php?id=CVE-2024-29170
04 Jun 2024 — An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure of network traffic and denial of service. • https://www.dell.com/support/kbdoc/en-us/000225667/dsa-2024-210-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-798: Use of Hard-coded Credentials •