CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34388 – WordPress GDPR Compliance plugin <= 1.2.5 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-34388
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Scribit GDPR Compliance.This issue affects GDPR Compliance: from n/a through 1.2.5. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en el cumplimiento del RGPD de Scribit. Este problema afecta el cumplimiento del RGPD: desde n/a hasta 1.2.5. The GDPR Compliance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/gdpr-compliance/wordpress-gdpr-compliance-plugin-1-2-5-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-26312
https://notcve.org/view.php?id=CVE-2024-26312
Archer Platform 6 before 2024.03 contains a sensitive information disclosure vulnerability. • https://archerirm.com https://www.archerirm.community/t5/platform-announcements/archer-update-for-multiple-vulnerabilities/ta-p/720963 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27283 – IBM Aspera Orchestrator information disclosure
https://notcve.org/view.php?id=CVE-2023-27283
IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to observable response discrepancies. IBM X-Force ID: 248545. IBM Aspera Orchestrator 4.0.1 podría permitir a un atacante remoto enumerar nombres de usuarios debido a discrepancias de respuesta observables. ID de IBM X-Force: 248545. • https://exchange.xforce.ibmcloud.com/vulnerabilities/248545 https://www.ibm.com/support/pages/node/7150191 • CWE-204: Observable Response Discrepancy •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2023-40696 – IBM Cognos Controller information disclosure
https://notcve.org/view.php?id=CVE-2023-40696
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 264939. IBM Cognos Controller 10.4.1, 10.4.2 y 11.0.0 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 264939. • https://exchange.xforce.ibmcloud.com/vulnerabilities/264939 https://www.ibm.com/support/pages/node/7149876 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2021-20556 – IBM Cognos Controller information disclosure
https://notcve.org/view.php?id=CVE-2021-20556
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames due to differentiating error messages on existing usernames. IBM X-Force ID: 199181. IBM Cognos Controller 10.4.1, 10.4.2 y 11.0.0 podrían permitir que un usuario remoto enumere nombres de usuarios debido a mensajes de error diferenciadores en nombres de usuarios existentes. ID de IBM X-Force: 199181. • https://exchange.xforce.ibmcloud.com/vulnerabilities/199181 https://www.ibm.com/support/pages/node/7149876 • CWE-204: Observable Response Discrepancy •