CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52208 – WordPress Constant Contact Forms Plugin <= 2.4.2 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-52208
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Constant Contact Constant Contact Forms.This issue affects Constant Contact Forms: from n/a through 2.4.2. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Constant Contact Constant Contact Forms. Este problema afecta a Constant Contact Forms: desde n/a hasta 2.4.2. The Constant Contact Forms plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.2. This makes it possible for unauthenticated attackers to extract sensitive data from log files. • https://patchstack.com/database/vulnerability/constant-contact-forms/wordpress-constant-contact-forms-plugin-2-4-2-sensitive-data-exposure-via-log-file-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52190 – WordPress Coupon Referral Program Plugin <= 1.7.2 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-52190
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en WP Swings Coupon Referral Program. Este problema afecta a Coupon Referral Program: desde n/a hasta 1.7.2. The Coupon Referral Program plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.2. This makes it possible for unauthenticated attackers to extract sensitive user data. • https://patchstack.com/database/vulnerability/coupon-referral-program/wordpress-coupon-referral-program-plugin-1-7-2-unauthenticated-sensitive-data-pii-coupon-data-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4164 – There is a possible information disclosure due to a missing permission check in Pixel Watch
https://notcve.org/view.php?id=CVE-2023-4164
There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed. • https://source.android.com/docs/security/bulletin/pixel-watch/2023/2023-12-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-0191 – RRJ Nueva Ecija Engineer Online Portal file information disclosure
https://notcve.org/view.php?id=CVE-2024-0191
A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/uploads/. The manipulation leads to file and directory information exposure. It is possible to launch the attack remotely. • https://mega.nz/file/uZt00bIA#uqwP2WkWK5kbKOUbRrgbZY4_-4enuhFw5O9LtJ_cclY https://vuldb.com/?ctiid.249504 https://vuldb.com/?id.249504 • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-6693 – Qemu: virtio-net: stack buffer overflow in virtio_net_flush_tx()
https://notcve.org/view.php?id=CVE-2023-6693
Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak. • https://access.redhat.com/errata/RHSA-2024:2962 https://access.redhat.com/security/cve/CVE-2023-6693 https://bugzilla.redhat.com/show_bug.cgi?id=2254580 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYGUN5HVOXESW7MSNM44E4AE2VNXQB6Y https://security.netapp.com/advisory/ntap-20240208-0004 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •