CVE-2024-27257 – IBM OpenPages information disclosure
https://notcve.org/view.php?id=CVE-2024-27257
IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users. IBM OpenPages 8.3 y 9.0 potencialmente expone información sobre el código fuente del lado del cliente mediante el uso de mapas de origen de JavaScript a usuarios no autorizados. • https://exchange.xforce.ibmcloud.com/vulnerabilities/283966 https://www.ibm.com/support/pages/node/7167702 • CWE-540: Inclusion of Sensitive Information in Source Code •
CVE-2024-39582
https://notcve.org/view.php?id=CVE-2024-39582
A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000228412/dsa-2024-360-security-update-for-dell-powerscale-insightiq-for-multiple-security-vulnerabilities • CWE-798: Use of Hard-coded Credentials •
CVE-2024-42425
https://notcve.org/view.php?id=CVE-2024-42425
A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000227015/dsa-2024-328 • CWE-788: Access of Memory Location After End of Buffer •
CVE-2024-42424
https://notcve.org/view.php?id=CVE-2024-42424
A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000227014/dsa-2024-327 • CWE-20: Improper Input Validation •
CVE-2024-45283 – Information disclosure vulnerability in SAP NetWeaver AS for Java (Destination Service)
https://notcve.org/view.php?id=CVE-2024-45283
SAP NetWeaver AS for Java allows an authorized attacker to obtain sensitive information. The attacker could obtain the username and password when creating an RFC destination. After successful exploitation, an attacker can read the sensitive information but cannot modify or delete the data. • https://me.sap.com/notes/3477359 https://url.sap/sapsecuritypatchday • CWE-256: Plaintext Storage of a Password •