CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3689 – Zhejiang Land Zongheng Network Technology O2OA information disclosure
https://notcve.org/view.php?id=CVE-2024-3689
12 Apr 2024 — The manipulation leads to information disclosure. ... NOTE: The vendor was contacted early about this disclosure but did not respond in any way. ... Durch das Beeinflussen mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/Echosssy/CVE • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32131 – WordPress Download Manager plugin <= 3.2.82 - File Password Lock Bypass vulnerability
https://notcve.org/view.php?id=CVE-2024-32131
12 Apr 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in W3 Eden Inc. ... The Download Manager plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 3.2.82. • https://patchstack.com/database/vulnerability/download-manager/wordpress-download-manager-plugin-3-2-82-file-password-lock-bypass-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-5392
https://notcve.org/view.php?id=CVE-2023-5392
11 Apr 2024 — C300 information leak due to an analysis feature which allows extracting more memory over the network than required by the function. ... C300 information leak due to an analysis feature which allows extracting more memory over the network than required by the function. • https://process.honeywell.com • CWE-1295: Debug Messages Revealing Unnecessary Information •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20798 – Illustrator 2024 CDR File parsing Out of Bound Read Information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2024-20798
11 Apr 2024 — Illustrator versions 28.3, 27.9.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. • https://helpx.adobe.com/security/products/illustrator/apsb24-25.html • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0908 – Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page <= 1.13.4 - Missing Authorization to Information Disclosure
https://notcve.org/view.php?id=CVE-2024-0908
11 Apr 2024 — The Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the apbPosts() function hooked via an AJAX action in all versions up to, and including, 1.13.1. This makes it possible for unauthenticated attackers to retrieve all post data, including those that may be password protected. El complemento Advanced Post Block – Display Posts, Pages, or Custom Posts on Your Page para WordPress es vu... • https://plugins.trac.wordpress.org/browser/advanced-post-block/trunk/plugin.php#L173 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32086 – Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-32086
11 Apr 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AitThemes Citadela Listing.This issue affects Citadela Listing: from n/a through 5.18.1. ... The Citadela Directory plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.18.1. • https://patchstack.com/database/vulnerability/citadela-directory/wordpress-citadela-listing-plugin-5-18-1-unauthenticated-sensitive-data-users-posts-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3515 – Debian Security Advisory 5656-1
https://notcve.org/view.php?id=CVE-2024-3515
10 Apr 2024 — (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3516 – Debian Security Advisory 5656-1
https://notcve.org/view.php?id=CVE-2024-3516
10 Apr 2024 — (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3157 – Debian Security Advisory 5656-1
https://notcve.org/view.php?id=CVE-2024-3157
10 Apr 2024 — (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1520 – OS Command Injection in parisneo/lollms-webui
https://notcve.org/view.php?id=CVE-2024-1520
10 Apr 2024 — This could result in unauthorized access, data leakage, or complete system compromise. • https://github.com/parisneo/lollms-webui/commit/2497d1a4fe5a09f003bf7a9bc426139e9295a934 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •