CVSS: 7.5EPSS: 0%CPEs: -EXPL: 2CVE-2023-40278 – OpenClinic GA 5.247.01 - Information Disclosure
https://notcve.org/view.php?id=CVE-2023-40278
An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsp component of OpenClinic GA. ... OpenClinic GA version 5.247.01 suffers from an information disclosure vulnerability. • https://www.exploit-db.com/exploits/51994 https://github.com/BugBountyHunterCVE/CVE-2023-40278 https://github.com/BugBountyHunterCVE/CVE-2023-40278/blob/main/CVE-2023-40278_Information-Disclosure_OpenClinic-GA_5.247.01_Report.md https://sourceforge.net/projects/open-clinic • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2384 – WooCommerce POS <= 1.4.11 - Insufficient Verification of Data Authenticity to Authenticated (Customer+) Information Disclosure
https://notcve.org/view.php?id=CVE-2024-2384
The WooCommerce POS plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.4.11. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3053833%40woocommerce-pos&new=3053833%40woocommerce-pos&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/d6b8ba69-aa8b-436f-990c-39e283f5d2f2?source=cve • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20757 – Bridge 2024 TIF File Parsing Out-Of-Bound Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20757
Bridge versions 13.0.5, 14.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 13.0.5, 14.0.1 y anteriores de Bridge se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria confidencial. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. • https://helpx.adobe.com/security/products/bridge/apsb24-15.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23139 – Autodesk FBX Review ABC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23139
An Out-Of-Bounds Write Vulnerability in Autodesk FBX Review version 1.5.3.0 and prior may lead to code execution or information disclosure through maliciously crafted ActionScript Byte Code “ABC” files. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0005 • CWE-787: Out-of-bounds Write •
CVSS: -EPSS: 0%CPEs: -EXPL: 1CVE-2024-22513 – djangorestframework-simplejwt 5.3.1 - Information Disclosure
https://notcve.org/view.php?id=CVE-2024-22513
djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. ... Django REST Framework SimpleJWT versions 5.3.1 and below suffer from an information disclosure vulnerability. • https://www.exploit-db.com/exploits/51992 https://github.com/dmdhrumilmistry/CVEs/tree/main/CVE-2024-22513 •