CVSS: 3.3EPSS: %CPEs: -EXPL: 0CVE-2024-9762 – Tungsten Automation Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9762
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9821 – Bot for Telegram on WooCommerce <= 1.2.4 - Authenticated (Subscriber+) Telegram Bot Token Disclosure to Authentication Bypass
https://notcve.org/view.php?id=CVE-2024-9821
The Bot for Telegram on WooCommerce plugin for WordPress is vulnerable to sensitive information disclosure due to missing authorization checks on the 'stm_wpcfto_get_settings' AJAX action in all versions up to, and including, 1.2.4. • https://github.com/RandomRobbieBF/CVE-2024-9821 https://plugins.trac.wordpress.org/browser/bot-for-telegram-on-woocommerce/trunk/nuxy/helpers/helpers.php?rev=2575772#L54 https://www.wordfence.com/threat-intel/vulnerabilities/id/a662c904-ba2e-494c-a603-b22eeeddf43d?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-9763 – Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9763
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-9665 – Zimbra GraphQL Cross-Site Request Forgery Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9665
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Zimbra. ... An attacker can leverage this vulnerability to disclose information in the context of the target email account. •
CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-9753 – Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9753
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. •