CVSS: 3.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-25616
https://notcve.org/view.php?id=CVE-2024-25616
Aruba has identified certain configurations of ArubaOS that can lead to partial disclosure of sensitive information in the IKE_AUTH negotiation process. The scenarios in which disclosure of potentially sensitive information can occur are complex, and depend on factors beyond the control of attackers. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22352 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-22352
IBM InfoSphere Information Server 11.7 stores potentially sensitive information in log files that could be read by a local user. ... IBM InfoSphere Information Server 11.7 almacena información potencialmente confidencial en archivos de registro que un usuario local podría leer. • https://exchange.xforce.ibmcloud.com/vulnerabilities/280361 https://www.ibm.com/support/pages/node/7117184 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-22255 – Information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2024-22255
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. • https://www.vmware.com/security/advisories/VMSA-2024-0006.html • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-27929 – Use After Free in SixLabors.ImageSharp
https://notcve.org/view.php?id=CVE-2024-27929
This vulnerability is triggered when an attacker passes a specially crafted PNG image file to ImageSharp for conversion, potentially leading to information disclosure. • https://github.com/SixLabors/ImageSharp/security/advisories/GHSA-65x7-c272-7g7r • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-7232 – Backup and Restore WordPress <= 1.45 - Unauthenticated Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-7232
The Backup and Restore WordPress WordPress plugin through 1.45 does not protect some log files containing sensitive information such as site configuration etc, allowing unauthenticated users to access such data El complemento Backup and Restore WordPress de WordPress hasta la versión 1.45 no protege algunos archivos de registro que contienen información confidencial, como la configuración del sitio, etc., lo que permite a usuarios no autenticados acceder a dichos datos. The Backup and Restore WordPress – Backup Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.45 via log files. This makes it possible for unauthenticated attackers to extract potentially sensitive information via log files. • https://wpscan.com/vulnerability/323fef8a-aa17-4698-9a02-c12d1d390763 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •