CVSS: 3.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-4596 – Kimai Session information disclosure
https://notcve.org/view.php?id=CVE-2024-4596
The manipulation of the argument PHPSESSIONID leads to information disclosure. ... Dank der Manipulation des Arguments PHPSESSIONID mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/kimai/kimai/releases/tag/2.16.0 https://vuldb.com/?ctiid.263318 https://vuldb.com/?id.263318 https://vuldb.com/?submit.328639 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 1CVE-2024-4584 – Faraday GM8181/GM828x command_port.ini information disclosure
https://notcve.org/view.php?id=CVE-2024-4584
The manipulation leads to information disclosure. ... Durch Beeinflussen mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://netsecfish.notion.site/Information-Disclosure-in-Faraday-Technology-Grain-Media-GM828x-GM8181-DVR-via-Unauthenticated-Acc-3d184791c8d7405ba9d6a49e7a5bd918? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 1CVE-2024-4583 – Faraday GM8181/GM828x Request information disclosure
https://notcve.org/view.php?id=CVE-2024-4583
The manipulation leads to information disclosure. ... Durch das Beeinflussen mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://file.notion.so/f/f/3f67e7ef-2ba8-446a-9721-f87d0baa1695/193e9734-f9eb-44b0-bd85-92263d0e84ec/get_password_submit.py?id=8fd5a7e0-bc2d-4ef8-9037-d3c1b68a6be1&table=block&spaceId=3f67e7ef-2ba8-446a-9721-f87d0baa1695&expirationTimestamp=1715148000000& https://netsecfish.notion.site/Unauthorized-Credential-Exposure-in-Faraday-Technology-Grain-Media-GM828x-GM8181-DVR-Devices-6a501c33e5d44beab7148074d2214b8f?pvs=4 https://vuldb.com/?ctiid.263305 https://vuldb.com/?id.263305 https://vuldb.com/? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34559 – WordPress Ghost plugin <= 1.4.0 - Sensitive Data Exposure via Log File vulnerability
https://notcve.org/view.php?id=CVE-2024-34559
Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This issue affects Ghost: from n/a through 1.4.0. Vulnerabilidad de inserción de información confidencial en un archivo de registro en Ghost Foundation Ghost. Este problema afecta a Ghost: desde n/a hasta 1.4.0. The Ghost plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.0 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files. • https://patchstack.com/database/vulnerability/ghost/wordpress-ghost-plugin-1-4-0-sensitive-data-exposure-via-log-file-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34549 – WordPress WP Job Manager plugin <= 2.2.2 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-34549
This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/wp-job-manager/wordpress-wp-job-manager-plugin-2-2-2-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •