CVE-2023-30430 – IBM Security Verify Access information disclosure
https://notcve.org/view.php?id=CVE-2023-30430
IBM Security Verify Access 10.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from trace logs. IBM X-Force ID: 252183. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252183 https://www.ibm.com/support/pages/node/7158789 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2024-37270 – WordPress TrustedLogin Vendor plugin < 1.1.1 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-37270
Insertion of Sensitive Information into Log File vulnerability in TrustedLogin TrustedLogin Vendor.This issue affects TrustedLogin Vendor: from n/a before 1.1.1. Inserción de información confidencial en la vulnerabilidad del archivo de registro en TrustedLogin TrustedLogin Vendor. Este problema afecta a TrustedLogin Vendor: desde n/a antes de 1.1.1. The TrustedLogin Vendor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions prior to 1.1.1 (exclusive). This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/vendor/wordpress-trustedlogin-vendor-plugin-1-1-1-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVE-2024-37141
https://notcve.org/view.php?id=CVE-2024-37141
A remote low privileged attacker could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2024-28973
https://notcve.org/view.php?id=CVE-2024-28973
Exploitation may lead to information disclosure, session theft, or client-side request forgery Dell PowerProtect DD, versiones anteriores a 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contienen una vulnerabilidad de Cross-Site Scripting Almacenado. • https://www.dell.com/support/kbdoc/en-us/000226148/dsa-2024-219-dell-technologies-powerprotect-dd-security-update-for-multiple-security-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-6060
https://notcve.org/view.php?id=CVE-2024-6060
An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with access to the log files to view logged HTTP requests that contain user passwords or other sensitive information. • https://sites.google.com/sonatype.com/vulnerabilities/cve-2024-6060 • CWE-532: Insertion of Sensitive Information into Log File •