Page 21 of 10792 results (0.083 seconds)

CVSS: 8.6EPSS: 0%CPEs: -EXPL: 0

Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38190 • CWE-862: Missing Authorization •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

Improper Access Control in Imagine Cup allows an authorized attacker to elevate privileges over a network. Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38204 • CWE-284: Improper Access Control •

CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. • https://www.oracle.com/security-alerts/cpuoct2024.html •

CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BogdanFix WP SendFox allows Retrieve Embedded Sensitive Data.This issue affects WP SendFox: from n/a through 1.3.1. The WP SendFox plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.1. • https://patchstack.com/database/vulnerability/wp-sendfox/wordpress-wp-sendfox-plugin-1-3-1-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •