CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2024-29152
https://notcve.org/view.php?id=CVE-2024-29152
04 Jun 2024 — This can lead to disclosure of sensitive information. • https://semiconductor.samsung.com/support/quality-support/product-security-updates •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4332 – Improper Authentication in Tripwire Enterprise 9.1.0 APIs
https://notcve.org/view.php?id=CVE-2024-4332
03 Jun 2024 — Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification. • https://www.fortra.com/security/advisory/fi-2024-006 • CWE-303: Incorrect Implementation of Authentication Algorithm •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-4540 – Keycloak: exposure of sensitive information in pushed authorization requests (par) kc_restart cookie
https://notcve.org/view.php?id=CVE-2024-4540
03 Jun 2024 — Client-provided parameters were found to be included in plain text in the KC_RESTART cookie returned by the authorization server's HTTP response to a `request_uri` authorization request, possibly leading to an information disclosure vulnerability. • https://access.redhat.com/errata/RHSA-2024:3566 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-43555 – Buffer Over-read in Video
https://notcve.org/view.php?id=CVE-2023-43555
03 Jun 2024 — Information disclosure in Video while parsing mp2 clip with invalid section length. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-43537 – Buffer Over-read in WLAN Host
https://notcve.org/view.php?id=CVE-2023-43537
03 Jun 2024 — Information disclosure while handling T2LM Action Frame in WLAN Host. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0CVE-2024-20071
https://notcve.org/view.php?id=CVE-2024-20071
03 Jun 2024 — This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-20070
https://notcve.org/view.php?id=CVE-2024-20070
03 Jun 2024 — In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0CVE-2024-20069
https://notcve.org/view.php?id=CVE-2024-20069
03 Jun 2024 — This could lead to remote information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVSS: 4.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-20065
https://notcve.org/view.php?id=CVE-2024-20065
03 Jun 2024 — In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44534
https://notcve.org/view.php?id=CVE-2021-44534
31 May 2024 — Insufficient user input filtering leads to arbitrary file read by non-authenticated attacker, which results in sensitive information disclosure. • https://hackerone.com/reports/1096043 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •