CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4319 – Advanced Contact form 7 DB <= 2.0.2 - Missing Authorization to Unauthenticated Information Disclosure
https://notcve.org/view.php?id=CVE-2024-4319
The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vsz_cf7_export_to_excel' function in versions up to, and including, 2.0.2. This makes it possible for unauthenticated attackers to download the entry data for submitted forms. El complemento Advanced Contact form 7 DB para WordPress es vulnerable al acceso no autorizado a los datos debido a una falta de verificación de capacidad en la función 'vsz_cf7_export_to_excel' en versiones hasta la 2.0.2 incluida. Esto hace posible que atacantes no autenticados descarguen los datos de entrada de los formularios enviados. • https://plugins.trac.wordpress.org/browser/advanced-cf7-db/trunk/admin/class-advanced-cf7-db-admin.php#L1459 https://www.wordfence.com/threat-intel/vulnerabilities/id/2c66b185-fd4b-452d-890b-0f1850d8a7be?source=cve • CWE-862: Missing Authorization •
CVSS: 4.0EPSS: 0%CPEs: -EXPL: 0CVE-2023-4458 – Kernel: ksmbd: smb2_open out-of-bounds read information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2023-4458
An attacker can leverage this to disclose sensitive information on affected installations of Linux. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. • https://access.redhat.com/security/cve/CVE-2023-4458 https://bugzilla.redhat.com/show_bug.cgi?id=2325516 https://www.zerodayinitiative.com/advisories/ZDI-24-590 • CWE-125: Out-of-bounds Read •
CVSS: 5.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-39176 – Kernel: ksmbd: transform header out-of-bounds read information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2023-39176
An attacker can leverage this to disclose sensitive information on affected installations of Linux. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. • https://access.redhat.com/security/cve/CVE-2023-39176 https://bugzilla.redhat.com/show_bug.cgi?id=2326503 https://www.zerodayinitiative.com/advisories/ZDI-24-586 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2023-39179 – Kernel: ksmbd: read request out-of-bounds read information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2023-39179
An attacker can leverage this to disclose sensitive information on affected installations of Linux. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. • https://access.redhat.com/security/cve/CVE-2023-39179 https://bugzilla.redhat.com/show_bug.cgi?id=2326529 https://www.zerodayinitiative.com/advisories/ZDI-24-586 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-31878 – IBM i information disclosure
https://notcve.org/view.php?id=CVE-2024-31878
This vulnerability can be used by a malicious actor to gather information about SST users that can be targeted in further attacks. • https://exchange.xforce.ibmcloud.com/vulnerabilities/287538 https://www.ibm.com/support/pages/node/7156725 • CWE-203: Observable Discrepancy •