CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27269 – IBM QRadar SIEM information disclosure
https://notcve.org/view.php?id=CVE-2024-27269
IBM QRadar SIEM 7.5 could allow a privileged user to configure user management that would disclose unintended sensitive information across tenants. • https://exchange.xforce.ibmcloud.com/vulnerabilities/284575 https://www.ibm.com/support/pages/node/7150684 • CWE-286: Incorrect User Management •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32964 – lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability
https://notcve.org/view.php?id=CVE-2024-32964
An attacker can construct malicious requests to cause Server-Side Request Forgery without logging in, attack intranet services, and leak sensitive information. • https://github.com/lobehub/lobe-chat/commit/465665a735556669ee30446c7ea9049a20cc7c37 https://github.com/lobehub/lobe-chat/security/advisories/GHSA-mxhq-xw3g-rphc • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35165 – WordPress Gutenify plugin <= 1.4.0 - Sensitive Data Exposure via API vulnerability
https://notcve.org/view.php?id=CVE-2024-35165
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gutenify.This issue affects Gutenify: from n/a through 1.4.0. ... The Gutenify – Visual Site Builder Blocks & Site Templates. plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.0. • https://patchstack.com/database/vulnerability/gutenify/wordpress-gutenify-plugin-1-4-0-sensitive-data-exposure-via-api-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35171 – WordPress Academy LMS plugin <= 1.9.25 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-35171
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Academy LMS academy.This issue affects Academy LMS: from n/a through 1.9.25. ... The Academy LMS – eLearning and online course solution for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.25. • https://patchstack.com/database/vulnerability/academy/wordpress-academy-lms-plugin-1-9-25-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0098
https://notcve.org/view.php?id=CVE-2024-0098
NVIDIA ChatRTX for Windows contains a vulnerability in the ChatRTX UI and backend, where a user can cause a clear-text transmission of sensitive information issue by data sniffing. A successful exploit of this vulnerability might lead to information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5533 • CWE-319: Cleartext Transmission of Sensitive Information •