CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-3305 – Information Disclosure in Utarit Information's SoliClub
https://notcve.org/view.php?id=CVE-2024-3305
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data.This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android. • https://www.usom.gov.tr/bildirim/tr-24-1457 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-38222 – Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-38222
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38222 • CWE-276: Incorrect Default Permissions •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43237 – WordPress Tag Groups plugin <= 2.0.3 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-43237
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in TaxoPress WordPress Tag Cloud Plugin – Tag Groups.This issue affects WordPress Tag Cloud Plugin – Tag Groups: from n/a through 2.0.3. The Tag Groups is the Advanced Way to Display Your Taxonomy Terms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several REST APIs in all versions up to, and including, 2.0.3. This makes it possible for unauthenticated attackers to extract information about tags. • https://patchstack.com/database/vulnerability/tag-groups/wordpress-tag-groups-plugin-2-0-3-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-4465 – Incorrect authorization for Reports configuration in Guardian/CMC before 24.2.0
https://notcve.org/view.php?id=CVE-2024-4465
In Guardian/CMC instances with a reporting configuration, there could be limited Denial of Service (DoS) impacts, as the reports may not reach their intended destination, and there could also be limited information disclosure impacts. ... In Guardian/CMC instances with a reporting configuration, there could be limited Denial of Service (DoS) impacts, as the reports may not reach their intended destination, and there could also be limited information disclosure impacts. • https://security.nozominetworks.com/NN-2024:2-01 • CWE-863: Incorrect Authorization •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45787 – Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-45787
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to transmission of sensitive information in plain text in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter through API request URL and intercepting response of the API request leading to exposure of sensitive information belonging to other users. • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0291 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •