CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35166 – WordPress FileBird – WordPress Media Library Folders & File Manager plugin <= 5.6.3 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-35166
13 May 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team Filebird.This issue affects Filebird: from n/a through 5.6.3. • https://patchstack.com/database/vulnerability/filebird/wordpress-filebird-wordpress-media-library-folders-file-manager-plugin-5-6-3-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22345 – IBM TXSeries for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2024-22345
10 May 2024 — IBM TXSeries for Multiplatforms 8.2 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 280192. IBM TXSeries for Multiplatforms 8.2 transmite o almacena credenciales de autenticación, pero utiliza un método inseguro que es susceptible de interceptación y/o recuperación no autorizada. ID de IBM X-Force: 280192. • https://exchange.xforce.ibmcloud.com/vulnerabilities/280192 • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22344 – IBM TXSeries for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2024-22344
10 May 2024 — IBM TXSeries for Multiplatforms 8.2 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 280191. IBM TXSeries for Multiplatforms 8.2 es vulnerable a la inyección de HTML. Un atacante remoto podría inyectar código HTML malicioso que, una vez visto, se ejecutaría en el navegador web de la víctima dentro del contexto de seguridad del sitio de alojamie... • https://exchange.xforce.ibmcloud.com/vulnerabilities/280191 •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22343 – IBM TXSeries for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2024-22343
10 May 2024 — IBM TXSeries for Multiplatforms 8.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 280190. IBM TXSeries for Multiplatforms 8.2 permite almacenar páginas web localmente que pueden ser leídas por otro usuario del sistema. ID de IBM X-Force: 280190. • https://exchange.xforce.ibmcloud.com/vulnerabilities/280190 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27269 – IBM QRadar SIEM information disclosure
https://notcve.org/view.php?id=CVE-2024-27269
10 May 2024 — IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. • https://exchange.xforce.ibmcloud.com/vulnerabilities/284575 • CWE-286: Incorrect User Management •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35165 – WordPress Gutenify plugin <= 1.4.0 - Sensitive Data Exposure via API vulnerability
https://notcve.org/view.php?id=CVE-2024-35165
10 May 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gutenify.This issue affects Gutenify: from n/a through 1.4.0. ... The Gutenify – Visual Site Builder Blocks & Site Templates. plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.0. • https://patchstack.com/database/vulnerability/gutenify/wordpress-gutenify-plugin-1-4-0-sensitive-data-exposure-via-api-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35171 – WordPress Academy LMS plugin <= 1.9.25 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-35171
10 May 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Academy LMS academy.This issue affects Academy LMS: from n/a through 1.9.25. ... The Academy LMS – eLearning and online course solution for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.25. • https://patchstack.com/database/vulnerability/academy/wordpress-academy-lms-plugin-1-9-25-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4671 – Google Chromium Visuals Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2024-4671
09 May 2024 — (Severidad de seguridad de Chrome: alta) A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0098
https://notcve.org/view.php?id=CVE-2024-0098
09 May 2024 — NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user can cause a clear-text transmission of sensitive information issue by data sniffing. A successful exploit of this vulnerability might lead to information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5533 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0097
https://notcve.org/view.php?id=CVE-2024-0097
09 May 2024 — A successful exploit of this vulnerability might lead to information disclosure, escalation of privileges, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5533 • CWE-269: Improper Privilege Management •