Page 54 of 10805 results (0.092 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

The Migration, Backup, Staging WordPress plugin before 0.9.106 does not use sufficient randomness in the filename that is created when generating a backup, which could be bruteforced by attackers to leak sensitive information about said backups. The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.9.105. • https://wpscan.com/vulnerability/456b728b-a451-4afb-895f-850ddc4fb589 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Endpoint Manager. • https://forums.ivanti.com/s/article/Security-Advisory-EPM-September-2024-for-EPM-2024-and-EPM-2022 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 0

Microsoft Windows Admin Center Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43475 • CWE-126: Buffer Over-read •

CVSS: 7.7EPSS: 0%CPEs: 3EXPL: 0

Windows Networking Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43458 • CWE-908: Use of Uninitialized Resource •

CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0

Windows Remote Desktop Licensing Service Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38258 • CWE-23: Relative Path Traversal •