CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-54469
https://notcve.org/view.php?id=CVE-2024-54469
10 Mar 2025 — A local user may be able to leak sensitive user information. • https://support.apple.com/en-us/121234 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56187
https://notcve.org/view.php?id=CVE-2024-56187
10 Mar 2025 — This could lead to local information disclosure with System execution privileges needed. • https://source.android.com/security/bulletin/pixel/2025-03-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56186
https://notcve.org/view.php?id=CVE-2024-56186
10 Mar 2025 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2025-03-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56185
https://notcve.org/view.php?id=CVE-2024-56185
10 Mar 2025 — This could lead to local information disclosure with baseband firmware compromise required. • https://source.android.com/security/bulletin/pixel/2025-03-01 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56184
https://notcve.org/view.php?id=CVE-2024-56184
10 Mar 2025 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2025-03-01 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 93%CPEs: 3EXPL: 23CVE-2025-24813 – Apache Tomcat Path Equivalence Vulnerability
https://notcve.org/view.php?id=CVE-2025-24813
10 Mar 2025 — Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Cod... • https://packetstorm.news/files/id/189826 • CWE-44: Path Equivalence: 'file.name' (Internal Dot) CWE-502: Deserialization of Untrusted Data •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-52905 – IBM Sterling B2B Integrator information disclosure
https://notcve.org/view.php?id=CVE-2024-52905
10 Mar 2025 — IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 could disclose sensitive database information to a privileged user. • https://www.ibm.com/support/pages/node/7185264 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-47109 – IBM Sterling File Gateway information disclosure
https://notcve.org/view.php?id=CVE-2024-47109
10 Mar 2025 — IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclosure the installation path of the server which could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7185259 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12975 – Silicon Labs CPC can leak information in full duplex SPI
https://notcve.org/view.php?id=CVE-2024-12975
07 Mar 2025 — A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface. • https://community.silabs.com/069Vm00000LWXMeIAP • CWE-125: Out-of-bounds Read CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51476 – IBM Concert Software information disclosure
https://notcve.org/view.php?id=CVE-2024-51476
06 Mar 2025 — IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. • https://www.ibm.com/support/pages/node/7184961 • CWE-307: Improper Restriction of Excessive Authentication Attempts •