CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33321 – WordPress EventPrime plugin <= 2.8.6 - Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-33321
Missing Authorization vulnerability in Metagauss EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 2.8.6. La vulnerabilidad de autorización faltante en Metagauss EventPrime permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a EventPrime: desde n/a hasta 2.8.6. The EventPrime plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.8.6. This could allow unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/eventprime-event-calendar-management/wordpress-eventprime-plugin-2-8-6-sensitive-data-exposure? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-22878 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-22878
IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 244373. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244373 https://https://www.ibm.com/support/pages/node/6988155 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2023-28950 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2023-28950
IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358. • https://exchange.xforce.ibmcloud.com/vulnerabilities/251358 https://https://www.ibm.com/support/pages/node/6985837 •
CVSS: 6.2EPSS: 0%CPEs: 10EXPL: 0CVE-2023-28514 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2023-28514
IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398. • https://exchange.xforce.ibmcloud.com/vulnerabilities/250398 https://www.ibm.com/support/pages/node/6985835 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-35798 – Azure Arc Jumpstart Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-35798
Azure Arc Jumpstart Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35798 •