CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-22270 – VMware Workstation hgfsVMCI_fileread Use of Uninitialized Variable Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-22270
VMware Workstation and Fusion contain an information disclosure vulnerability in the Host Guest File Sharing (HGFS) functionality. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. ... This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-22269 – VMware Workstation UrbBuf_getDataBuf Uninitialized Variable Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-22269
VMware Workstation and Fusion contain an information disclosure vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. ... This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2024-25968
https://notcve.org/view.php?id=CVE-2024-25968
A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000224860/dsa-2024-163-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 1CVE-2024-30043 – Microsoft SharePoint Server Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-30043
Microsoft SharePoint Server Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft SharePoint Server This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft SharePoint. ... An attacker can leverage this vulnerability to disclose information in the context of the service account. • https://github.com/W01fh4cker/CVE-2024-30043-XXE https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30043 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34754 – WordPress Contact Form Widget plugin <= 1.3.9 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-34754
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Contact Form Widget.This issue affects Contact Form Widget: from n/a through 1.3.9. ... The Contact Form Widget – Contact Query, Contact Page, Form Maker, Query Table plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.9. • https://patchstack.com/database/vulnerability/new-contact-form-widget/wordpress-contact-form-widget-plugin-1-3-9-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •