CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1075 – Minimal Coming Soon – Coming Soon Page <= 2.37 - Unauthenticated Maintenance Mode Bypass
https://notcve.org/view.php?id=CVE-2024-1075
The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to maintenance mode bypass and information disclosure in all versions up to, and including, 2.37. • https://plugins.trac.wordpress.org/browser/minimal-coming-soon-maintenance-mode/trunk/framework/public/init.php#L67 https://plugins.trac.wordpress.org/changeset/3031149/minimal-coming-soon-maintenance-mode/trunk/framework/public/init.php https://www.wordfence.com/threat-intel/vulnerabilities/id/78203b98-15bc-4d8e-9278-c472b518be07?source=cve • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-33851 – IBM PowerVM Hypervisor information disclosure
https://notcve.org/view.php?id=CVE-2023-33851
IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1020.00 through FW1020.40, and FW1030.00 through FW1030.30 could reveal sensitive partition data to a system administrator. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257135 https://www.ibm.com/support/pages/node/7114491 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2024-23550 – HCL DevOps Deploy / HCL Launch (UCD) may be vulnerable to sensitive information disclosure
https://notcve.org/view.php?id=CVE-2024-23550
HCL DevOps Deploy / HCL Launch (UCD) could disclose sensitive user information when installing the Windows agent. HCL DevOps Deploy/HCL Launch (UCD) podría revelar información confidencial del usuario al instalar el agente de Windows. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110334 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-1200 – Jspxcms information disclosure
https://notcve.org/view.php?id=CVE-2024-1200
The manipulation leads to information disclosure. ... Mittels Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/sweatxi/BugHub/blob/main/Nanchang%20Lanzhi%20Technology%20Co.pdf https://vuldb.com/?ctiid.252698 https://vuldb.com/?id.252698 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-38273 – IBM Cloud Pak System information disclosure
https://notcve.org/view.php?id=CVE-2023-38273
IBM Cloud Pak System 2.3.1.1, 2.3.2.0, and 2.3.3.7 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 260733. IBM Cloud Pak System 2.3.1.1, 2.3.2.0 y 2.3.3.7 utiliza una configuración de bloqueo de cuenta inadecuada que podría permitir a un atacante remoto utilizar fuerza bruta en las credenciales de la cuenta. ID de IBM X-Force: 260733. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260733 https://www.ibm.com/support/pages/node/7105357 • CWE-307: Improper Restriction of Excessive Authentication Attempts •