CVE-2024-3485 – Server-Side Request Forgery vulnerability in iManager
https://notcve.org/view.php?id=CVE-2024-3485
This could lead to senstive information disclosure. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2024-3970 – Server-Side Request Forgery vulnerability in iManager
https://notcve.org/view.php?id=CVE-2024-3970
This could lead to senstive information disclosure by directory traversal. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2023-5937 – Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0
https://notcve.org/view.php?id=CVE-2023-5937
On Windows systems, the Arc configuration files resulted to be world-readable. This can lead to information disclosure by local attackers, via exfiltration of sensitive data from configuration files. • https://security.nozominetworks.com/NN-2023:15-01 • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2024-34101 – ZDI-CAN-23614: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-34101
Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. • https://helpx.adobe.com/security/products/acrobat/apsb24-29.html • CWE-125: Out-of-bounds Read •
CVE-2024-31483
https://notcve.org/view.php?id=CVE-2024-31483
An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt •