Page 17 of 10840 results (0.111 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

The Contact Form 7 – Dynamic Text Extension plugin for WordPress is vulnerable to Basic Information Disclosure in all versions up to, and including, 4.5 via the CF7_get_post_var shortcode. • https://plugins.trac.wordpress.org/browser/contact-form-7-dynamic-text-extension/tags/4.5.0/includes/shortcodes.php#L225 https://www.wordfence.com/threat-intel/vulnerabilities/id/e051a83e-ad5a-4789-bfee-e03aa9d6a3fc?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-11.md • CWE-787: Out-of-bounds Write •

CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through double free. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-11.md • CWE-415: Double Free •

CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0

in OpenHarmony v4.1.0 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through out-of-bounds write. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-11.md • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0

The LSC Smart Connect Indoor IP Camera V7.6.32 is vulnerable to an information disclosure issue where live camera footage can be accessed through the RTSP protocol on port 8554 without requiring authentication. • https://shinxyy.github.io/blogs/CVE_2024_51362.html • CWE-306: Missing Authentication for Critical Function •