Page 240 of 10827 results (0.217 seconds)

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-50328 – IBM PowerSC information disclosure

https://notcve.org/view.php?id=CVE-2023-50328

IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings. IBM X-Force ID: 275110. IBM PowerSC 1.3, 2.0 y 2.1 puede permitir a un atacante remoto ver identificadores de sesión pasados a través de cadenas de consulta URL. ID de IBM X-Force: 275110. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275110 https://www.ibm.com/support/pages/node/7113759 • CWE-598: Use of GET Request Method With Sensitive Query Strings CWE-668: Exposure of Resource to Wrong Sphere •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-50937 – IBM PowerSC information disclosure

https://notcve.org/view.php?id=CVE-2023-50937

IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275117 https://www.ibm.com/support/pages/node/7113759 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-50326 – IBM PowerSC information Disclosure

https://notcve.org/view.php?id=CVE-2023-50326

IBM PowerSC 1.3, 2.0, and 2.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 275107. IBM PowerSC 1.3, 2.0 y 2.1 utiliza una configuración de bloqueo de cuenta inadecuada que podría permitir a un atacante remoto utilizar fuerza bruta en las credenciales de la cuenta. ID de IBM X-Force: 275107. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275107 https://www.ibm.com/support/pages/node/7113759 • CWE-307: Improper Restriction of Excessive Authentication Attempts •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-24867 – WordPress WP Stats Manager plugin <= 6.9.4 - Sensitive Data Exposure vulnerability

https://notcve.org/view.php?id=CVE-2024-24867

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Osamaesh WP Visitor Statistics (Real Time Traffic).This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 6.9.4. ... The WP Visitor Statistics (Real Time Traffic) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.9.4. • https://patchstack.com/database/vulnerability/wp-stats-manager/wordpress-wp-stats-manager-plugin-6-9-4-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-0909 – Anonymous Restricted Content <= 1.6.2 - Protection Mechanism Bypass

https://notcve.org/view.php?id=CVE-2024-0909

The Anonymous Restricted Content plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 1.6.2. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030199%40anonymous-restricted-content&new=3030199%40anonymous-restricted-content&sfp_email=&sfph_mail= https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3030608%40anonymous-restricted-content&new=3030608%40anonymous-restricted-content&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/f478ff7c-7193-4c59-a84f-c7cafff9b6c0?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •