CVSS: 6.3EPSS: 0%CPEs: -EXPL: 0CVE-2021-22529 – Sensitive Data Exposure leaks potential information in NetIQ Advance Authentication
https://notcve.org/view.php?id=CVE-2021-22529
A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. • https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6551 – GiveWP <= 3.15.1 - Unauthenticated Full Path Disclosure
https://notcve.org/view.php?id=CVE-2024-6551
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.15.1. ... The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. • https://plugins.trac.wordpress.org/browser/give/tags/3.15.1/vendor/vendor-prefixed/symfony/http-foundation/Tests/Fixtures/response-functional/common.inc#L23 https://www.wordfence.com/threat-intel/vulnerabilities/id/2a13ce09-b312-4186-b0e2-63065c47f15d?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5288 – Safe-error attack on TLS 1.3 Protocol
https://notcve.org/view.php?id=CVE-2024-5288
A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. • https://github.com/wolfSSL/wolfssl/releases/tag/v5.7.2-stable • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6448 – Mollie Payments for WooCommerce <= 7.7.0 - Unauthenticated Full Path Disclosure
https://notcve.org/view.php?id=CVE-2024-6448
The Mollie Payments for WooCommerce plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 7.7.0. ... On its own, this information is of very limited use. • https://plugins.trac.wordpress.org/browser/mollie-payments-for-woocommerce/tags/7.5.5/vendor/mollie/mollie-api-php/examples/initialize.php#L5 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3142176%40mollie-payments-for-woocommerce&new=3142176%40mollie-payments-for-woocommerce&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/0c98026c-28a9-4c69-9f34-4c3bd4f75d85?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 2CVE-2024-45241
https://notcve.org/view.php?id=CVE-2024-45241
A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf (False Alarm Management) through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information. • https://github.com/d4lyw/CVE-2024-45241 https://github.com/verylazytech/CVE-2024-45241 https://www.centralsquare.com/solutions/public-safety-software/public-safety-agency-operations/crywolf-false-alarm-management-solution https://daly.wtf/cve-2024-45241-path-traversal-in-centralsquare-crywolf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •