CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51610 – Kofax Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-51610
03 May 2024 — Kofax Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability. Kofax Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability. Kofax Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. This vulnerability allows remote attackers to disclose sensitive information
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51609 – Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-51609
03 May 2024 — Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. This vulnerability allows remote attackers t... • https://www.zerodayinitiative.com/advisories/ZDI-23-1910 • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51607 – Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-51607
03 May 2024 — Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. This vulnerability allows remote attackers t... • https://www.zerodayinitiative.com/advisories/ZDI-23-1908 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34368 – WordPress Mooberry Book Manager plugin <= 4.15.12 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-34368
03 May 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mooberry Dreams Mooberry Book Manager.This issue affects Mooberry Book Manager: from n/a through 4.15.12. ... The Mooberry Book Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.15.12 via exported files. This makes it possible for unauthenticated attackers to extract potentially sensitive information from those files. • https://patchstack.com/database/vulnerability/mooberry-book-manager/wordpress-mooberry-book-manager-plugin-4-15-12-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34382 – WordPress Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.18 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-34382
03 May 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in RoboSoft Robo Gallery.This issue affects Robo Gallery: from n/a through 3.2.18. ... The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.18. • https://patchstack.com/database/vulnerability/robo-gallery/wordpress-photo-gallery-images-slider-in-rbs-image-gallery-plugin-3-2-18-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34383 – WordPress SEOPress plugin <= 7.7.1 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-34383
03 May 2024 — The SEOPress – On-site SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.6.1. • https://patchstack.com/database/vulnerability/wp-seopress/wordpress-seopress-plugin-7-6-1-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30302 – ZDI-CAN-23077: Adobe Acrobat Reader DC AcroForm Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-30302
02 May 2024 — Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. • https://helpx.adobe.com/security/products/acrobat/apsb24-07.html • CWE-416: Use After Free •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34393 – libxmljs2 attrs type confusion RCE
https://notcve.org/view.php?id=CVE-2024-34393
02 May 2024 — This vulnerability might lead to denial of service (on both 32-bit systems and 64-bit systems), data leak, infinite loop and remote code execution (on 32-bit systems with the XML_PARSE_HUGE flag enabled). libxmljs2 es afectada por una vulnerabilidad de confusión de tipos cuando se analiza un XML especialmente manipulado al invocar una función en el resultado de attrs() que se llamó en un nodo analizado. • https://github.com/marudor/libxmljs2/issues/204 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34391 – libxmljs attrs type confusion RCE
https://notcve.org/view.php?id=CVE-2024-34391
02 May 2024 — This vulnerability might lead to denial of service (on both 32-bit systems and 64-bit systems), data leak, infinite loop and remote code execution (on 32-bit systems with the XML_PARSE_HUGE flag enabled). libxmljs es afectada por una vulnerabilidad de confusión de tipos cuando se analiza un XML especialmente manipulado al invocar una función en el resultado de attrs() que se llamó en un nodo analizado. • https://github.com/libxmljs/libxmljs/issues/645 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29010 – SonicWALL GMS Virtual Appliance ECMPolicy XML External Entity Processing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-29010
01 May 2024 — The XML document processed in the GMS ECM URL endpoint is vulnerable to XML external entity (XXE) injection, potentially resulting in the disclosure of sensitive information. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of SonicWALL GMS Virtual Appliance. ... An attacker can leverage this vulnerability to disclose information in the context of root. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0007 • CWE-611: Improper Restriction of XML External Entity Reference •