CVSS: 4.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-20041
https://notcve.org/view.php?id=CVE-2024-20041
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/April-2024 • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2931 – WPFront User Role Editor <= 3.2.1.11184 - Limited Information Exposure
https://notcve.org/view.php?id=CVE-2024-2931
The WPFront User Role Editor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.1.11184 via the wpfront_user_role_editor_assign_roles_user_autocomplete AJAX action. • https://inky-knuckle-2c2.notion.site/WPFront-User-Role-Editor-Information-disclosure-7435b8340a004f5f8485cad375326b2c https://plugins.trac.wordpress.org/changeset/3061241/wpfront-user-role-editor/trunk/includes/users/class-assign-migrate.php https://www.wordfence.com/threat-intel/vulnerabilities/id/078a0647-fc3a-436c-bf00-8776b16e66ff? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-50311 – IBM CICS Transaction Gateway for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2023-50311
IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages. • https://exchange.xforce.ibmcloud.com/vulnerabilities/273612 https://https://www.ibm.com/support/pages/node/7145418 • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-50959 – IBM Cloud Pak for Business Automation information disclosure
https://notcve.org/view.php?id=CVE-2023-50959
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1, and 23.0.2 may allow end users to query more documents than expected from a connected Enterprise Content Management system when configured to use a system account. IBM X-Force ID: 275938. IBM Cloud Pak para automatización empresarial 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1 y 23.0.2 pueden permitir a los usuarios finales consultar más documentos de los esperados desde un sistema de gestión de contenido empresarial conectado cuando se configura para usar una cuenta del sistema. ID de IBM X-Force: 275938. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275938 https://www.ibm.com/support/pages/node/7145492 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25027 – IBM Security Verify Access Container information disclosure
https://notcve.org/view.php?id=CVE-2024-25027
IBM Security Verify Access 10.0.6 could disclose sensitive snapshot information due to missing encryption. • https://exchange.xforce.ibmcloud.com/vulnerabilities/281607 https://www.ibm.com/support/pages/node/7145400 • CWE-311: Missing Encryption of Sensitive Data •