CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-34352 – IBM QRadar information disclosure
https://notcve.org/view.php?id=CVE-2022-34352
IBM QRadar SIEM 7.5.0 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. IBM X-Force ID: 230403. • https://exchange.xforce.ibmcloud.com/vulnerabilities/230403 https://www.ibm.com/support/pages/node/7006057 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-26276 – IBM QRadar information disclosure
https://notcve.org/view.php?id=CVE-2023-26276
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 248147. • https://exchange.xforce.ibmcloud.com/vulnerabilities/248147 https://www.ibm.com/support/pages/node/7006081 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-36523 – WordPress Email download link Plugin <= 3.7 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-36523
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gopi Ramasamy Email download link.This issue affects Email download link: from n/a through 3.7. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en el enlace de descarga del correo electrónico de Gopi Ramasamy. Este problema afecta el enlace de descarga del correo electrónico: desde n/a hasta 3.7. The Email download link plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.7. This can allow unauthenticated attackers to extract sensitive data from the database. • https://patchstack.com/database/vulnerability/email-download-link/wordpress-email-download-link-plugin-3-7-sensitive-data-exposure? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36399 – WordPress Booked Plugin < 2.4.4 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2022-36399
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BoxyStudio Booked - Appointment Booking for WordPress | Calendars.This issue affects Booked - Appointment Booking for WordPress | Calendars: from n/a before 2.4.4. Vulnerabilidad de exposición de información confidencial a un actor no autorizado en BoxyStudio Booked - Appointment Booking for WordPress | Calendars. Este problema afecta a Booked - Appointment Booking for WordPress | Calendars: desde n/a antes de 2.4.4. The Booked plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.4. This can allow unauthenticated attackers to extract sensitive appointment-related data from the database. • https://patchstack.com/database/vulnerability/booked/wordpress-booked-plugin-2-4-unauth-appointment-data-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-25518
https://notcve.org/view.php?id=CVE-2023-25518
A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity. • https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •