CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-50601
https://notcve.org/view.php?id=CVE-2024-50601
Exploitation could lead to session hijacking, data leakage, and further exploitation via a multi-stage attack. • https://www.axigen.com/knowledgebase/Axigen-WebMail-Persistent-and-Reflected-XSS-Vulnerabilities-CVE-2024-50601-_403.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48011
https://notcve.org/view.php?id=CVE-2024-48011
A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000245360/dsa-2024-424-security-update-for-dell-pdsa-2024-424-security-update-for-dell-powerprotect-dd-vulnerabilityowerprotect-dd-vulnerability • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10285 – CE21 Suite <= 2.2.0 - JWT Token Disclosure
https://notcve.org/view.php?id=CVE-2024-10285
The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the plugin-log.txt in versions up to, and including, 2.2.0. • https://plugins.trac.wordpress.org/browser/ce21-suite/trunk/single-sign-on-ce21.php?rev=3097700#L237 https://plugins.trac.wordpress.org/browser/ce21-suite/trunk/single-sign-on-ce21.php?rev=3097700#L281 https://www.wordfence.com/threat-intel/vulnerabilities/id/618a9ad7-3a13-43e6-84f4-35287f07e1c0?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 11EXPL: 0CVE-2024-10965 – emqx neuron JSON File schema information disclosure
https://notcve.org/view.php?id=CVE-2024-10965
The manipulation leads to information disclosure. ... Durch das Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/emqx/neuron/issues/2281 https://github.com/emqx/neuron/pull/2282 https://github.com/fengzeroz/neuron/commit/c9ce39747e0372aaa2157b2b56174914a12c06d8 https://vuldb.com/?ctiid.283411 https://vuldb.com/?id.283411 https://vuldb.com/?submit.435375 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-20507 – Cisco Meeting Management Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20507
A successful exploit could allow the attacker to view sensitive data that is stored on the affected device. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-info-disc-9ZEMAhGA • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •