CVE-2024-25027 – IBM Security Verify Access Container information disclosure
https://notcve.org/view.php?id=CVE-2024-25027
IBM Security Verify Access 10.0.6 could disclose sensitive snapshot information due to missing encryption. IBM X-Force ID: 281607. IBM Security Verify Access 10.0.6 podría revelar información confidencial de instantáneas debido a la falta de cifrado. ID de IBM X-Force: 281607. • https://exchange.xforce.ibmcloud.com/vulnerabilities/281607 https://www.ibm.com/support/pages/node/7145400 • CWE-311: Missing Encryption of Sensitive Data •
CVE-2024-29020 – JumpServer allows nn authorized attacker to get sensitive information in playbook files when playbook_id is leaked
https://notcve.org/view.php?id=CVE-2024-29020
This breach of confidentiality can lead to information disclosure and exposing sensitive data. • https://github.com/jumpserver/jumpserver/security/advisories/GHSA-7mqc-23hr-cr62 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVE-2024-30511 – WordPress FG PrestaShop to WooCommerce plugin <= 4.45.1 - Sensitive Data Exposure via Log File vulnerability
https://notcve.org/view.php?id=CVE-2024-30511
Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG PrestaShop to WooCommerce.This issue affects FG PrestaShop to WooCommerce: from n/a through 4.45.1. Inserción de información confidencial en la vulnerabilidad del archivo de registro en Frédéric GILLES FG PrestaShop a WooCommerce. Este problema afecta a FG PrestaShop a WooCommerce: desde n/a hasta 4.45.1. The FG PrestaShop to WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.45.1. This makes it possible for unauthenticated attackers to view data in log files. • https://patchstack.com/database/vulnerability/fg-prestashop-to-woocommerce/wordpress-fg-prestashop-to-woocommerce-plugin-4-45-1-sensitive-data-exposure-via-log-file-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVE-2024-25971
https://notcve.org/view.php?id=CVE-2024-25971
A remote high privileged attacker could potentially exploit this vulnerability, leading to information disclosure, denial-of-service. • https://www.dell.com/support/kbdoc/en-us/000223556/dsa-2024-132-security-update-dell-power-protect-data-manager-for-multiple-security-vulnerabilities • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2024-25963
https://notcve.org/view.php?id=CVE-2024-25963
A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000223366/dsa-2024-115-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •