CVE-2024-1662 – Information Disclosure in Porty's PowerBank
https://notcve.org/view.php?id=CVE-2024-1662
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PORTY Smart Tech Technology Joint Stock Company PowerBank Application allows Retrieve Embedded Sensitive Data.This issue affects PowerBank Application: before 2.02. • https://www.usom.gov.tr/bildirim/tr-24-0602 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-1272 – Information Disclosure to Source Code in TNB Mobile Solutions' Cockpit Software
https://notcve.org/view.php?id=CVE-2024-1272
Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data.This issue affects Cockpit Software: before v0.251.1. • https://www.usom.gov.tr/bildirim/tr-24-0601 • CWE-540: Inclusion of Sensitive Information in Source Code •
CVE-2024-4220 – Information Disclosure in BeyondInsight
https://notcve.org/view.php?id=CVE-2024-4220
Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames. • https://www.beyondtrust.com/trust-center/security-advisories/BT24-06 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-5483 – LearnPress – WordPress LMS Plugin <= 4.2.6.8 - Basic Information Disclosure via JSON API
https://notcve.org/view.php?id=CVE-2024-5483
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.8 due to incorrect implementation of get_items_permissions_check function. This makes it possible for unauthenticated attackers to extract basic information about website users, including their emails El complemento LearnPress – WordPress LMS Plugin para WordPress es vulnerable a la exposición de información confidencial en todas las versiones hasta la 4.2.6.8 incluida debido a la implementación incorrecta de la función get_items_permissions_check. • https://plugins.trac.wordpress.org/browser/learnpress/tags/4.2.6.8/inc/jwt/rest-api/version1/class-lp-rest-users-v1-controller.php#L130 https://www.wordfence.com/threat-intel/vulnerabilities/id/122b75d2-e882-45b9-baf1-acf847f8d60a?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-29170
https://notcve.org/view.php?id=CVE-2024-29170
An adjacent network unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure of network traffic and denial of service. • https://www.dell.com/support/kbdoc/en-us/000225667/dsa-2024-210-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-798: Use of Hard-coded Credentials •