CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40002 – WordPress Booster for WooCommerce Plugin <= 7.1.1 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-40002
The Booster for WooCommerce for WordPress is vulnerable to Information Disclosure via the 'wcj_get_option' shortcode in versions up to, and including, 7.1.1 due to insufficient controls on the information retrievable via the shortcode. • https://patchstack.com/database/vulnerability/woocommerce-jetpack/wordpress-booster-for-woocommerce-plugin-7-1-2-authenticated-arbitrary-wordpress-option-disclosure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 2%CPEs: 12EXPL: 1CVE-2023-43261 – Milesight UR5X / UR32L / UR32 / UR35 / UR41 Credential Leakage
https://notcve.org/view.php?id=CVE-2023-43261
An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components. • https://github.com/win3zz/CVE-2023-43261 http://milesight.com http://packetstormsecurity.com/files/176988/Milesight-UR5X-UR32L-UR32-UR35-UR41-Credential-Leakage.html http://ur5x.com https://medium.com/%40win3zz/inside-the-router-how-i-accessed-industrial-routers-and-reported-the-flaws-29c34213dfdf https://support.milesight-iot.com/support/home • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0CVE-2023-44412 – D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-44412
D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability. • https://www.zerodayinitiative.com/advisories/ZDI-23-1510 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2023-42129 – A10 Thunder ADC ShowTechDownloadView Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-42129
A10 Thunder ADC ShowTechDownloadView Directory Traversal Information Disclosure Vulnerability. ... A10 Thunder ADC ShowTechDownloadView Directory Traversal Information Disclosure Vulnerability. • https://support.a10networks.com/support/security_advisory/a10-acos-file-access-vulnerability https://www.zerodayinitiative.com/advisories/ZDI-23-1495 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22447 – IBM Disconnected Log Collector information disclosure
https://notcve.org/view.php?id=CVE-2022-22447
IBM Disconnected Log Collector 1.0 through 1.8.2 is vulnerable to potential security misconfigurations that could disclose unintended information. IBM X-Force ID: 224648. IBM Disconnected Log Collector 1.0 a 1.8.2 es vulnerable a posibles errores de configuración de seguridad que podrían revelar información no deseada. ID de IBM X-Force: 224648. • https://exchange.xforce.ibmcloud.com/vulnerabilities/224648 https://https://www.ibm.com/support/pages/node/7042313 https://www.ibm.com/support/pages/node/7042313 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •