CVE-2024-30300 – Tenable Vulnerability Disclosure | Sensitive Information Disclosure Via Fake FMPS Worker
https://notcve.org/view.php?id=CVE-2024-30300
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an Information Exposure vulnerability (CWE-200) that could lead to privilege escalation. An attacker could exploit this vulnerability to gain access to sensitive information which may include system or user privileges. • https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-38.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-30472
https://notcve.org/view.php?id=CVE-2024-30472
Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000225289/dsa-2024-229 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-5947 – Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-5947
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. ... This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. ... Deep Sea Electronics DSE855 is vulnerable to configuration disclosure when direct object reference is made to the Backup.bin file using an HTTP GET request. This will enable an attacker to disclose sensitive information and help her in authentication bypass, privilege escalation, and full system access. • https://github.com/Cappricio-Securities/CVE-2024-5947 https://www.zerodayinitiative.com/advisories/ZDI-24-671 • CWE-306: Missing Authentication for Critical Function •
CVE-2024-2300 – HP Advance Mobile Application – Potential Information Disclosure
https://notcve.org/view.php?id=CVE-2024-2300
HP Advance Mobile Applications for iOS and Android are potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. • https://support.hp.com/us-en/document/ish_10737234-10737262-16/hpsbgn03921 •
CVE-2023-52335 – Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-52335
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. •