CVE-2024-12082 – Ability Runtime has an out-of-bounds read permission bypass vulnerability
https://notcve.org/view.php?id=CVE-2024-12082
in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. en OpenHarmony v4.0.0 y versiones anteriores se permite que un atacante local provoque fugas de información a través de lecturas fuera de los límites. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-12.md • CWE-125: Out-of-bounds Read CWE-922: Insecure Storage of Sensitive Information •
CVE-2018-9449
https://notcve.org/view.php?id=CVE-2018-9449
This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/pixel/2018-08-01 • CWE-125: Out-of-bounds Read •
CVE-2018-9441
https://notcve.org/view.php?id=CVE-2018-9441
This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/pixel/2018-08-01 • CWE-125: Out-of-bounds Read •
CVE-2024-10787 – LA-Studio Element Kit for Elementor <= 1.4.4 - Authenticated (Contributor+) Post Disclosure
https://notcve.org/view.php?id=CVE-2024-10787
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.4 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3198563%40lastudio-element-kit&new=3198563%40lastudio-element-kit&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/2e63c0fb-7fe7-42f7-8fa9-ec159d3c8117?source=cve • CWE-639: Authorization Bypass Through User-Controlled Key •
CVE-2024-12099 – Dollie Hub – Build Your Own WordPress Cloud Platform <= 6.2.0 - Authenticated (Contributor+) Post Disclosure
https://notcve.org/view.php?id=CVE-2024-12099
The Dollie Hub – Build Your Own WordPress Cloud Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 6.2.0 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3201770%40dollie&new=3201770%40dollie&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/f29514d0-20a5-43f2-bf36-660579103220?source=cve • CWE-639: Authorization Bypass Through User-Controlled Key •