CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-44210
https://notcve.org/view.php?id=CVE-2023-44210
Sensitive information disclosure and manipulation due to missing authorization. • https://security-advisory.acronis.com/SEC-5528 https://security-advisory.acronis.com/advisories/SEC-2159 • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-43906 – IBM Security Guardium information disclosure
https://notcve.org/view.php?id=CVE-2022-43906
IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897. IBM Security Guardium 11.5 podría revelar información confidencial debido a un atributo SameSite faltante o inseguro para una cookie confidencial. ID de IBM X-Force: 240897. • https://exchange.xforce.ibmcloud.com/vulnerabilities/240897 https://https://www.ibm.com/support/pages/node/7038019 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-44208
https://notcve.org/view.php?id=CVE-2023-44208
Sensitive information disclosure and manipulation due to missing authorization. • https://security-advisory.acronis.com/advisories/SEC-6587 • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40002 – WordPress Booster for WooCommerce Plugin <= 7.1.1 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-40002
The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcj_get_option' shortcode in versions up to, and including, 7.1.1 due to insufficient controls on the information retrievable via the shortcode. • https://patchstack.com/database/vulnerability/woocommerce-jetpack/wordpress-booster-for-woocommerce-plugin-7-1-2-authenticated-arbitrary-wordpress-option-disclosure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 2%CPEs: 12EXPL: 1CVE-2023-43261 – Milesight UR5X / UR32L / UR32 / UR35 / UR41 Credential Leakage
https://notcve.org/view.php?id=CVE-2023-43261
An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. • https://github.com/win3zz/CVE-2023-43261 http://milesight.com http://packetstormsecurity.com/files/176988/Milesight-UR5X-UR32L-UR32-UR35-UR41-Credential-Leakage.html http://ur5x.com https://medium.com/%40win3zz/inside-the-router-how-i-accessed-industrial-routers-and-reported-the-flaws-29c34213dfdf https://support.milesight-iot.com/support/home • CWE-532: Insertion of Sensitive Information into Log File •