CVSS: 8.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-38190 – Power Platform Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-38190
Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38190 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-38204 – Imagine Cup site Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-38204
Improper Access Control in Imagine Cup allows an authorized attacker to elevate privileges over a network. Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38204 • CWE-284: Improper Access Control •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21273 – Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21273
This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. • https://www.oracle.com/security-alerts/cpuoct2024.html •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49284 – WordPress WP SendFox plugin <= 1.3.1 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-49284
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BogdanFix WP SendFox allows Retrieve Embedded Sensitive Data.This issue affects WP SendFox: from n/a through 1.3.1. The WP SendFox plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.1. • https://patchstack.com/database/vulnerability/wp-sendfox/wordpress-wp-sendfox-plugin-1-3-1-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-9710 – PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9710
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. • https://github.com/PostHog/posthog/pull/25388 https://www.zerodayinitiative.com/advisories/ZDI-24-1383 • CWE-918: Server-Side Request Forgery (SSRF) •