CVE-2024-9752 – Tungsten Automation Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9752
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. •
CVE-2024-9759 – Tungsten Automation Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9759
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. •
CVE-2024-9757 – Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9757
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. •
CVE-2024-9762 – Tungsten Automation Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9762
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. •
CVE-2024-9821 – Bot for Telegram on WooCommerce <= 1.2.4 - Authenticated (Subscriber+) Telegram Bot Token Disclosure to Authentication Bypass
https://notcve.org/view.php?id=CVE-2024-9821
The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'stm_wpcfto_get_settings' AJAX action in all versions up to, and including, 1.2.4. • https://github.com/RandomRobbieBF/CVE-2024-9821 https://plugins.trac.wordpress.org/browser/bot-for-telegram-on-woocommerce/trunk/nuxy/helpers/helpers.php?rev=2575772#L54 https://www.wordfence.com/threat-intel/vulnerabilities/id/a662c904-ba2e-494c-a603-b22eeeddf43d?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •