CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6775 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6775
16 Jul 2024 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6774 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6774
16 Jul 2024 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6773 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6773
16 Jul 2024 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6772 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6772
16 Jul 2024 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html • CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2024-6395 – GitHub Enterprise Server Information Disclosure Vulnerability Exposes Private Repository Names via Deploy Keys
https://notcve.org/view.php?id=CVE-2024-6395
16 Jul 2024 — An exposure of sensitive information vulnerability in GitHub Enterprise Server would allow an attacker to enumerate the names of private repositories that utilize deploy keys. • https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.12 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.9EPSS: 0%CPEs: 5EXPL: 0CVE-2024-6336 – Security misconfiguration was identified in GitHub Enterprise Server that allowed sensitive data exposure
https://notcve.org/view.php?id=CVE-2024-6336
16 Jul 2024 — A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.15 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2022-45449
https://notcve.org/view.php?id=CVE-2022-45449
16 Jul 2024 — Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. • https://security-advisory.acronis.com/advisories/SEC-5279 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-48855 – sctp: fix kernel-infoleak for SCTP sockets
https://notcve.org/view.php?id=CVE-2022-48855
16 Jul 2024 — [1] BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline] BUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:154 [inline] BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668 instrument_copy_to_user include/linux/instrumented.h:121 [inline] copyout lib/iov_iter.c:154 [inline] _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668 copy_to_iter include/linux/uio.h:162 [inline] simple_copy_to_iter+0xf3/0x140 ... • https://git.kernel.org/stable/c/8f840e47f190cbe61a96945c13e9551048d42cef • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-48853 – swiotlb: fix info leak with DMA_FROM_DEVICE
https://notcve.org/view.php?id=CVE-2022-48853
16 Jul 2024 — In the Linux kernel, the following vulnerability has been resolved: swiotlb: fix info leak with DMA_FROM_DEVICE The problem I'm addressing was discovered by the LTP test covering cve-2018-1000204. ... In the Linux kernel, the following vulnerability has been resolved: swiotlb: fix info leak with DMA_FROM_DEVICE The problem I'm addressing was discovered by the LTP test covering cve-2018-1000204. • https://git.kernel.org/stable/c/c132f2ba716b5ee6b35f82226a6e5417d013d753 •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52290 – Apache StreamPark (incubating): Unchecked SQL query fields trigger SQL injection vulnerability
https://notcve.org/view.php?id=CVE-2023-52290
16 Jul 2024 — The attacker must successfully log into the system to launch an attack, which may cause data leakage. ... The attacker must successfully log into the system to launch an attack, which may cause data leakage. • https://lists.apache.org/thread/t3mcm8pb65d9gj3wrgtj9sx9s2pfvvl3 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •