CVSS: 4.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-49817 – IBM Security Guardium Key Lifecycle Manager information disclosure
https://notcve.org/view.php?id=CVE-2024-49817
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores user credentials in configuration files which can be read by a local privileged user. • https://www.ibm.com/support/pages/node/7175067 • CWE-260: Password in Configuration File •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26281 – Information disclosure vulnerability in Alarm clock module
https://notcve.org/view.php?id=CVE-2021-26281
Some parameters of the alarm clock module are improperly stored, leaking some sensitive information. • https://www.vivo.com/en/support/security-advisory-detail?id=9 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26279 – Information disclosure vulnerability in Weather module
https://notcve.org/view.php?id=CVE-2021-26279
Some parameters of the weather module are improperly stored, leaking some sensitive information. • https://www.vivo.com/en/support/security-advisory-detail?id=10 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12061 – Events Addon for Elementor <= 2.2.3 - Authenticated (Contributor+) Post Disclosure
https://notcve.org/view.php?id=CVE-2024-12061
The Events Addon for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.3 via the naevents_elementor_template shortcode due to insufficient restrictions on which posts can be included. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3208546%40events-addon-for-elementor&new=3208546%40events-addon-for-elementor&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/f59d9d8a-467a-4920-963a-da45f1f4462f?source=cve • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-12668 – Velocidex WinPmem Out of Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2024-12668
In conjunction with information leakage from the WinPmem driver, attackers can discover the location in memory for the g_CiOptions global symbol. • https://github.com/Velocidex/WinPmem/releases/tag/v4.1.dev1 • CWE-787: Out-of-bounds Write •