CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41834 – ZDI-CAN-24311: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-41834
Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. • https://helpx.adobe.com/security/products/acrobat/apsb24-57.html • CWE-125: Out-of-bounds Read •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7704 – Weaver e-cology Source Code ecology_dev.zip information disclosure
https://notcve.org/view.php?id=CVE-2024-7704
The manipulation leads to information disclosure. ... Durch das Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/Dreamy-elfland/240731 https://vuldb.com/?ctiid.274182 https://vuldb.com/?id.274182 https://vuldb.com/?submit.385494 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42477 – llama.cpp global-buffer-overflow in ggml_type_size
https://notcve.org/view.php?id=CVE-2024-42477
This vulnerability may lead to memory data leakage. • https://github.com/ggerganov/llama.cpp/commit/b72942fac998672a79a1ae3c03b340f7e629980b https://github.com/ggerganov/llama.cpp/security/advisories/GHSA-mqp6-7pv6-fqjf • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43259 – WordPress Order Export for WooCommerce plugin <= 3.23 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-43259
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in JEM Plugins Order Export for WooCommerce.This issue affects Order Export for WooCommerce: from n/a through 3.23. The Order Export for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.23. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/order-export-and-more-for-woocommerce/wordpress-order-export-for-woocommerce-plugin-3-23-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43264 – WordPress Create by Mediavine plugin <= 1.9.8 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-43264
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Mediavine Create by Mediavine.This issue affects Create by Mediavine: from n/a through 1.9.8. The Create by Mediavine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.8. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/mediavine-create/wordpress-create-by-mediavine-plugin-1-9-7-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •