CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-1682 – Unclaimed S3 Bucket Reference in psf/requests Documentation
https://notcve.org/view.php?id=CVE-2024-1682
The use of this unclaimed S3 bucket could lead to data integrity issues, data leakage, availability problems, loss of trustworthiness, and potential further attacks if the bucket is used to host malicious content or as a pivot point for further attacks. • https://github.com/psf/requests/commit/6106a63eb6c0fa490efa73d44388ac25b1b08af4 https://huntr.com/bounties/4da5ded5-b59b-4ece-8812-46a4329e446c • CWE-840: Business Logic Errors •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45642 – IBM Security ReaQta information disclosure
https://notcve.org/view.php?id=CVE-2024-45642
This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. • https://www.ibm.com/support/pages/node/7172212 • CWE-942: Permissive Cross-domain Policy with Untrusted Domains •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-41206
https://notcve.org/view.php?id=CVE-2024-41206
A stack-based buffer over-read in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to cause Information Disclosure via a crafted TS video file. • https://github.com/justdan96/tsMuxer/issues/859 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-49777
https://notcve.org/view.php?id=CVE-2024-49777
A heap-based buffer overflow in tsMuxer version nightly-2024-03-14-01-51-12 allows attackers to cause Denial of Service (DoS), Information Disclosure and Code Execution via a crafted MKV video file. • https://github.com/justdan96/tsMuxer/issues/842 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-31074
https://notcve.org/view.php?id=CVE-2024-31074
Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01177.html • CWE-208: Observable Timing Discrepancy •