Page 164 of 10523 results (0.020 seconds)

CVSS: -EPSS: 0%CPEs: -EXPL: 0

CVE-2024-20045

https://notcve.org/view.php?id=CVE-2024-20045

This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/April-2024 •

CVSS: 4.4EPSS: 0%CPEs: -EXPL: 0

CVE-2024-20041

https://notcve.org/view.php?id=CVE-2024-20041

This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-125: Out-of-bounds Read •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-2931 – WPFront User Role Editor <= 3.2.1.11184 - Limited Information Exposure

https://notcve.org/view.php?id=CVE-2024-2931

The WPFront User Role Editor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.1.11184 via the wpfront_user_role_editor_assign_roles_user_autocomplete AJAX action. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract retrieve a list of all user email addresses who are registered on the site. El complemento WPFront User Role Editor para WordPress es vulnerable a la exposición de información confidencial en todas las versiones hasta la 3.2.1.11184 incluida a través de la acción AJAX wpfront_user_role_editor_assign_roles_user_autocomplete. Esto hace posible que los atacantes autenticados, con acceso de nivel de suscriptor y superior, extraigan y recuperen una lista de todas las direcciones de correo electrónico de los usuarios que están registrados en el sitio. • https://inky-knuckle-2c2.notion.site/WPFront-User-Role-Editor-Information-disclosure-7435b8340a004f5f8485cad375326b2c https://plugins.trac.wordpress.org/changeset/3061241/wpfront-user-role-editor/trunk/includes/users/class-assign-migrate.php https://www.wordfence.com/threat-intel/vulnerabilities/id/078a0647-fc3a-436c-bf00-8776b16e66ff? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-50311 – IBM CICS Transaction Gateway for Multiplatforms information disclosure

https://notcve.org/view.php?id=CVE-2023-50311

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 273612. IBM CICS Transaction Gateway for Multiplatforms 9.2 y 9.3 transmite o almacena credenciales de autenticación, pero utiliza un método inseguro que es susceptible de interceptación y/o recuperación no autorizada. ID de IBM X-Force: 273612. IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages. • https://exchange.xforce.ibmcloud.com/vulnerabilities/273612 https://https://www.ibm.com/support/pages/node/7145418 • CWE-522: Insufficiently Protected Credentials •

CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0

CVE-2023-50959 – IBM Cloud Pak for Business Automation information disclosure

https://notcve.org/view.php?id=CVE-2023-50959

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1, and 23.0.2 may allow end users to query more documents than expected from a connected Enterprise Content Management system when configured to use a system account. IBM X-Force ID: 275938. IBM Cloud Pak para automatización empresarial 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1 y 23.0.2 pueden permitir a los usuarios finales consultar más documentos de los esperados desde un sistema de gestión de contenido empresarial conectado cuando se configura para usar una cuenta del sistema. ID de IBM X-Force: 275938. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275938 https://www.ibm.com/support/pages/node/7145492 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •