CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39585
https://notcve.org/view.php?id=CVE-2024-39585
A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Client-side request forgery and Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000228357/dsa-2024-377-security-update-for-dell-networking-os10-vulnerability https://www.dell.com/support/kbdoc/en-us/000228355/dsa-2024-376-security-update-for-dell-networking-os10-vulnerability • CWE-259: Use of Hard-coded Password •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8538 – Big File Uploads <= 2.1.2 - Authenticated (Author+) Full Path Disclosure
https://notcve.org/view.php?id=CVE-2024-8538
The Big File Uploads – Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. ... The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. • https://github.com/uglyrobot/big-file-uploads/blob/master/tuxedo_big_file_uploads.php#L601 https://plugins.trac.wordpress.org/changeset/3147755/tuxedo-big-file-uploads/trunk/tuxedo_big_file_uploads.php https://www.wordfence.com/threat-intel/vulnerabilities/id/1bd308a4-7157-4bc6-a55b-c6a4a62510a9?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-44408
https://notcve.org/view.php?id=CVE-2024-44408
D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. • https://github.com/lonelylonglong/openfile-/blob/main/DIR-823G.md/DIR-823G.md https://github.com/lonelylonglong/openfile-/blob/main/DIR-823G.md/CVE-2024-44408 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45096 – IBM Aspera Faspex information disclosure
https://notcve.org/view.php?id=CVE-2024-45096
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing. • https://www.ibm.com/support/pages/node/7167255 • CWE-548: Exposure of Information Through Directory Listing •
CVSS: 6.9EPSS: 0%CPEs: -EXPL: 1CVE-2024-8461 – D-Link DNS-320 Web Management Interface discovery.cgi information disclosure
https://notcve.org/view.php?id=CVE-2024-8461
The manipulation leads to information disclosure. ... Durch Beeinflussen mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/leetsun/IoT-Vuls/tree/main/Dlink-dns320/4 https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383 https://vuldb.com/?ctiid.276627 https://vuldb.com/?id.276627 https://vuldb.com/?submit.401300 https://www.dlink.com • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •