CVSS: 8.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-21524
https://notcve.org/view.php?id=CVE-2024-21524
It's possible to return previously allocated memory, for example, by providing negative indexes, leading to an Information Disclosure. • https://gist.github.com/dellalibera/0bb022811224f81d998fa61c3175ee67 https://github.com/magiclen/node-stringbuilder/blob/5c2797d3d6bf8cb6d10fe1e077609cef9a5a7de0/src/node-stringbuilder.c%23L1281 https://security.snyk.io/vuln/SNYK-JS-NODESTRINGBUILDER-6421617 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38301
https://notcve.org/view.php?id=CVE-2024-38301
A low privileged attacker could potentially exploit this vulnerability, leading to denial of service on the local system and information disclosure. • https://www.dell.com/support/kbdoc/en-us/000225774/dsa-2024-258 • CWE-1107: Insufficient Isolation of Symbolic Constant Definitions •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32670
https://notcve.org/view.php?id=CVE-2024-32670
Exposure of Sensitive Information to an Unauthorized Actor in Samsung Galaxy SmartTag2 prior to 0.20.04 allows attackes to potentially identify the tag's location by scanning the BLE adversting. • https://securityreport.samsung.com • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-25023 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-25023
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 stores potentially sensitive information in log files that could be read by a local user. • https://exchange.xforce.ibmcloud.com/vulnerabilities/281429 https://www.ibm.com/support/pages/node/7159768 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 5.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-21993 – Information Disclosure Vulnerability in SnapCenter
https://notcve.org/view.php?id=CVE-2024-21993
SnapCenter versions prior to 5.0p1 are susceptible to a vulnerability which could allow an authenticated attacker to discover plaintext credentials. Las versiones de SnapCenter anteriores a la 5.0p1 son susceptibles a una vulnerabilidad que podría permitir a un atacante autenticado descubrir credenciales en texto plano. • https://security.netapp.com/advisory/ntap-20240705-0007 •