Vulnerabilities > Exposure of Private Information ('Privacy Violation')

DATE CVE VULNERABILITY TITLE RISK
2024-12-14 CVE-2024-11712 The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getResumeFileDownloadById() function in all versions up to, and including, 2.2.2.
network
low complexity
CWE-359
5.3
5.3
2024-12-06 CVE-2024-42494 Privacy Violation vulnerability in Ruijienetworks Reyee OS
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a a feature that could enable sub accounts or attackers to view and exfiltrate sensitive information from all cloud accounts registered to Ruijie's services
network
low complexity
ruijienetworks CWE-359
7.5
7.5
2024-11-19 CVE-2024-37070 IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.
network
low complexity
CWE-359
4.3
4.3
2024-11-14 CVE-2024-49025 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
network
low complexity
CWE-359
5.4
5.4
2024-10-17 CVE-2024-49386 Privacy Violation vulnerability in Acronis Cyber Files
Sensitive information disclosure due to spell-jacking.
low complexity
acronis CWE-359
5.7
5.7