CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29745 – Android Pixel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-29745
05 Apr 2024 — there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. ... Android Pixel contains an information disclosure vulnerability in the fastboot firmware used to support unlocking, flashing, and locking affected devices. • https://source.android.com/security/bulletin/pixel/2024-04-01 • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29744
https://notcve.org/view.php?id=CVE-2024-29744
05 Apr 2024 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-04-01 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29742
https://notcve.org/view.php?id=CVE-2024-29742
05 Apr 2024 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-04-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29739
https://notcve.org/view.php?id=CVE-2024-29739
05 Apr 2024 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-04-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29738
https://notcve.org/view.php?id=CVE-2024-29738
05 Apr 2024 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-04-01 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27232
https://notcve.org/view.php?id=CVE-2024-27232
05 Apr 2024 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-04-01 • CWE-476: NULL Pointer Dereference CWE-922: Insecure Storage of Sensitive Information •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27231
https://notcve.org/view.php?id=CVE-2024-27231
05 Apr 2024 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-04-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 6%CPEs: 1EXPL: 1CVE-2024-3097 – WordPress Gallery Plugin – NextGEN Gallery <= 3.59 - Missing Authorization to Unauthenticated Information Disclosure
https://notcve.org/view.php?id=CVE-2024-3097
05 Apr 2024 — The WordPress Gallery Plugin – NextGEN Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_item function in versions up to, and including, 3.59. This makes it possible for unauthenticated attackers to extract sensitive data including EXIF and other metadata of any image uploaded through the plugin. El complemento WordPress Gallery Plugin – NextGEN Gallery para WordPress es vulnerable al acceso no autorizado a los datos debido a una falta de ... • https://github.com/Athos-Zago/CVE-2024-30973 • CWE-862: Missing Authorization •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6522 – Information Disclosure in ExtremePacs's Extreme XDS
https://notcve.org/view.php?id=CVE-2023-6522
05 Apr 2024 — Improper Privilege Management vulnerability in ExtremePacs Extreme XDS allows Collect Data as Provided by Users.This issue affects Extreme XDS: before 3914. Una vulnerabilidad de gestión de privilegios inadecuada en ExtremePacs Extreme XDS permite recopilar datos proporcionados por los usuarios. Este problema afecta a Extreme XDS: antes de 3914. Incorrect Use of Privileged APIs vulnerability in ExtremePacs Extreme XDS allows Collect Data as Provided by Users.This issue affects Extreme XDS: before 3914. • https://www.usom.gov.tr/bildirim/tr-24-0276 • CWE-269: Improper Privilege Management CWE-648: Incorrect Use of Privileged APIs •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31254 – WordPress WordPress Backup & Migration plugin <= 1.4.7 - Sensitive Data Exposure via Log File vulnerability
https://notcve.org/view.php?id=CVE-2024-31254
05 Apr 2024 — Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7. The WordPress Backup & Migration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.7 via log files. • https://patchstack.com/database/vulnerability/wp-migration-duplicator/wordpress-wordpress-backup-migration-plugin-1-4-7-sensitive-data-exposure-via-log-file-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •