CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38756 – WordPress Coming Soon Page – Responsive Coming Soon & Maintenance Mode plugin <= 1.6.3 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-38756
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Weblizar Coming Soon allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming Soon: from n/a through 1.6.3. The Coming Soon Page – Responsive Coming Soon & Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.3. This makes it possible for unauthenticated attackers to extract potentially sensitive information. • https://patchstack.com/database/vulnerability/responsive-coming-soon-page/wordpress-coming-soon-page-responsive-coming-soon-maintenance-mode-plugin-1-6-3-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6235 – Sensitive information disclosure
https://notcve.org/view.php?id=CVE-2024-6235
Sensitive information disclosure in NetScaler Console Divulgación de información confidencial en NetScaler Console • https://support.citrix.com/article/CTX677998 • CWE-287: Improper Authentication •
CVSS: 6.9EPSS: 0%CPEs: -EXPL: 2CVE-2024-6646 – Netgear WN604 Web Interface downloadFile.php information disclosure
https://notcve.org/view.php?id=CVE-2024-6646
The manipulation of the argument file with the input config leads to information disclosure. ... Dank Manipulation des Arguments file mit der Eingabe config mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/inviewp/CVE-2024-6646 https://github.com/mikutool/vul/issues/1 https://vuldb.com/?ctiid.271052 https://vuldb.com/?id.271052 https://vuldb.com/?submit.367382 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33860 – IBM Security ReaQta information disclosure
https://notcve.org/view.php?id=CVE-2023-33860
IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 257702. IBM Security QRadar EDR 3.12 no establece el atributo seguro en tokens de autorización o cookies de sesión. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257702 https://www.ibm.com/support/pages/node/7159770 • CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33859 – IBM Security ReaQta information disclosure
https://notcve.org/view.php?id=CVE-2023-33859
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697. IBM Security QRadar EDR 3.12 podría revelar información confidencial debido a una discrepancia observable en la respuesta de inicio de sesión. ID de IBM X-Force: 257697. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257697 https://www.ibm.com/support/pages/node/7159770 • CWE-204: Observable Response Discrepancy •