CVE-2023-49762 – WordPress AppMySite Plugin <= 3.11.0 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-49762
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AppMySite AppMySite – Create an app with the Best Mobile App Builder.This issue affects AppMySite – Create an app with the Best Mobile App Builder: from n/a through 3.11.0. Vulnerabilidad de exposición de información confidencial a un actor no autorizado en AppMySite AppMySite – Create an app with the Best Mobile App Builder. Este problema afecta a AppMySite – Create an app with the Best Mobile App Builder: desde n/a hasta 3.11.0. The AppMySite – Create an app with the Best Mobile App Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.11.0. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/appmysite/wordpress-appmysite-create-an-app-with-the-best-mobile-app-builder-plugin-3-10-0-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-6114 – Duplicator < 1.5.7.1; Duplicator Pro < 4.5.14.2 - Unauthenticated Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-6114
WordPress Duplicator plugin versions prior to 1.5.7.1 suffer from an unauthenticated sensitive data exposure vulnerability that can lead to account takeover. • https://drive.google.com/file/d/1mpapFCqfZLv__EAM7uivrrl2h55rpi1V/view?usp=sharing https://wpscan.com/vulnerability/5c5d41b9-1463-4a9b-862f-e9ee600ef8e1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-552: Files or Directories Accessible to External Parties •
CVE-2023-42019 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-42019
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. IBM InfoSphere Information Server 11.7 podría permitir que un atacante remoto provoque una denegación de servicio debido a una validación de entrada incorrecta. ID de IBM X-Force: 265161. • https://exchange.xforce.ibmcloud.com/vulnerabilities/265569 https://www.ibm.com/support/pages/node/7067719 • CWE-311: Missing Encryption of Sensitive Data •
CVE-2023-43021 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-43021
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 266167. IBM InfoSphere Information Server 11.7 podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría usarse en futuros ataques contra el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/266167 https://www.ibm.com/support/pages/node/7074317 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVE-2023-26024 – IBM Planning Analytics on Cloud Pak for Data information disclosure
https://notcve.org/view.php?id=CVE-2023-26024
IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to obtain sensitive information caused by insecure network communication. IBM X-Force ID: 247898. IBM Planning Analytics on Cloud Pak for Data 4.0 podría permitir que un atacante en una red compartida obtenga información confidencial causada por una comunicación de red insegura. ID de IBM X-Force: 247898. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247898 https://https://www.ibm.com/support/pages/node/7082784 https://www.ibm.com/support/pages/node/7082784 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •