CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-27929 – Use After Free in SixLabors.ImageSharp
https://notcve.org/view.php?id=CVE-2024-27929
This vulnerability is triggered when an attacker passes a specially crafted PNG image file to ImageSharp for conversion, potentially leading to information disclosure. • https://github.com/SixLabors/ImageSharp/security/advisories/GHSA-65x7-c272-7g7r • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-7232 – Backup and Restore WordPress <= 1.45 - Unauthenticated Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-7232
The Backup and Restore WordPress WordPress plugin through 1.45 does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such data El complemento Backup and Restore WordPress de WordPress hasta la versión 1.45 no protege algunos archivos de registro que contienen información confidencial, como la configuración del sitio, etc., lo que permite a usuarios no autenticados acceder a dichos datos. The Backup and Restore WordPress – Backup Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.45 via log files. This makes it possible for unauthenticated attackers to extract potentially sensitive information via log files. • https://wpscan.com/vulnerability/323fef8a-aa17-4698-9a02-c12d1d390763 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38362 – IBM CICS TX information disclosure
https://notcve.org/view.php?id=CVE-2023-38362
IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to observable discrepancy in HTTP responses. IBM X-Force ID: 260814. IBM CICS TX Advanced 10.1 podría revelar información confidencial a un atacante remoto debido a una discrepancia observable en las respuestas HTTP. ID de IBM X-Force: 260814. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260814 https://https://www.ibm.com/support/pages/node/7066430 • CWE-204: Observable Response Discrepancy •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43890 – IBM Security Verify Privilege On-Premises information disclosure
https://notcve.org/view.php?id=CVE-2022-43890
IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information through an HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 240453. IBM Security Verify Privilege On-Premises 11.5 podría revelar información confidencial a través de una solicitud HTTP que podría ayudar a un atacante en futuros ataques contra el sistema. ID de IBM X-Force: 240453. • https://exchange.xforce.ibmcloud.com/vulnerabilities/240453 https://www.ibm.com/support/pages/node/7108660 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.1EPSS: 0%CPEs: -EXPL: 0CVE-2023-33078 – Buffer Over-read in DSP Services
https://notcve.org/view.php?id=CVE-2023-33078
Information Disclosure while processing IOCTL request in FastRPC. • https://www.qualcomm.com/company/product-security/bulletins/march-2024-bulletin • CWE-126: Buffer Over-read •