CVE-2023-48288 – WordPress WordPress Job Board and Recruitment Plugin – JobWP Plugin <= 2.1 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-48288
This makes it possible for unauthenticated attackers to extract sensitive user data via resumes. • https://patchstack.com/database/vulnerability/jobwp/wordpress-jobwp-plugin-2-1-sensitive-data-exposure-on-resume-files-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-25682 – IBM Sterling B2B Integrator information disclosure
https://notcve.org/view.php?id=CVE-2023-25682
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034. IBM Sterling B2B Integrator Standard Edition 6.0.0.0 a 6.0.3.8 y 6.1.0.0 a 6.1.2.1 almacena información potencialmente confidencial en archivos de registro que un usuario local podría leer. ID de IBM X-Force: 247034. • https://exchange.xforce.ibmcloud.com/vulnerabilities/247034 https://www.ibm.com/support/pages/node/7080172 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2023-6264
https://notcve.org/view.php?id=CVE-2023-6264
Information leak in Content-Security-Policy header in Devolutions Server 2023.3.7.0 allows an unauthenticated attacker to list the configured Devolutions Gateways endpoints. • https://devolutions.net/security/advisories/DEVO-2023-0020 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2022-36777 – IBM Cloud Pak for Security information disclosure
https://notcve.org/view.php?id=CVE-2022-36777
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.16.0could allow an authenticated user to obtain sensitive version information that could aid in further attacks against the system. IBM X-Force ID: 233665. IBM Cloud Pak for Security (CP4S) 1.10.0.0 a 1.10.11.0 e IBM QRadar Suite Software 1.10.12.0 a 1.10.16.0 podrían permitir a un usuario autenticado obtener información confidencial de la versión que podría ayudar en futuros ataques contra el sistema. ID de IBM X-Force: 233665. • https://exchange.xforce.ibmcloud.com/vulnerabilities/233665 https://www.ibm.com/support/pages/node/7080058 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-5983 – Information Disclosure in Botanik Software Pharmacy Automation
https://notcve.org/view.php?id=CVE-2023-5983
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Botanik Software Pharmacy Automation allows Retrieve Embedded Sensitive Data.This issue affects Pharmacy Automation: before 2.1.133.0. La exposición de información confidencial a una vulnerabilidad de actor no autorizado en Botanik Software Pharmacy Automation permite recuperar datos confidenciales incrustados. Este problema afecta a Pharmacy Automation: antes de 2.1.133.0. Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Botanik Software Pharmacy Automation allows Retrieve Embedded Sensitive Data.This issue affects Pharmacy Automation: before 2.1.133.0. • https://www.usom.gov.tr/bildirim/tr-23-0652 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •