CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-2760 – Bkav Home v7816, build 2403161130 - Kernel Memory Leak
https://notcve.org/view.php?id=CVE-2024-2760
Bkav Home v7816, build 2403161130 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x222240 IOCTL code of the BkavSDFlt.sys driver. • https://fluidattacks.com/advisories/kent https://www.bkav.com/bkav-home • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23527 – Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-23527
An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. • https://www.ivanti.com/blog/security-update-for-ivanti-avalanche •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32825 – WordPress Simply Static plugin <= 3.1.3 - Sensitive Data Exposure via Log File vulnerability
https://notcve.org/view.php?id=CVE-2024-32825
Insertion of Sensitive Information into Log File vulnerability in Patrick Posner Simply Static.This issue affects Simply Static: from n/a through 3.1.3. ... The Simply Static plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log files. • https://patchstack.com/database/vulnerability/simply-static/wordpress-simply-static-plugin-3-1-3-sensitive-data-exposure-via-log-file-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32716 – WordPress StreamWeasels Twitch Integration plugin <= 1.7.8 - API Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-32716
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StreamWeasels StreamWeasels Twitch Integration.This issue affects StreamWeasels Twitch Integration: from n/a through 1.7.8. ... The StreamWeasels Twitch Integration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.8 via the sw-twitch-embed shortcode. This makes it possible for unauthenticated attackers to view potentially sensitive information. • https://patchstack.com/database/vulnerability/streamweasels-twitch-integration/wordpress-streamweasels-twitch-integration-plugin-1-7-8-api-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32780 – WordPress VikRentCar Car Rental Management System plugin <= 1.3.2 - Sensitive Data Exposure via Invoices vulnerability
https://notcve.org/view.php?id=CVE-2024-32780
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in E4J s.R.L. ... The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.2 due to publicly accessible PDF files. This makes it possible for unauthenticated attackers to extract potentially sensitive information via PDFs. • https://patchstack.com/database/vulnerability/vikrentcar/wordpress-vikrentcar-car-rental-management-system-plugin-1-3-2-sensitive-data-exposure-via-invoices-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •