CVE-2024-0087
https://notcve.org/view.php?id=CVE-2024-0087
A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5535 • CWE-73: External Control of File Name or Path •
CVE-2024-30171 – bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)
https://notcve.org/view.php?id=CVE-2024-30171
Timing-based leakage may occur in RSA based handshakes because of exception processing. ... The PKCS#1 1.5 attack vector leaks data via javax.crypto.Cipher exceptions and the OAEP interface vector leaks via the bit size of the decrypted data. • https://github.com/bcgit/bc-csharp/wiki/CVE%E2%80%902024%E2%80%9030171 https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902024%E2%80%9030171 https://security.netapp.com/advisory/ntap-20240614-0008 https://www.bouncycastle.org/latest_releases.html https://access.redhat.com/security/cve/CVE-2024-30171 https://bugzilla.redhat.com/show_bug.cgi?id=2276360 https://people.redhat.com/~hkario/marvin • CWE-203: Observable Discrepancy CWE-208: Observable Timing Discrepancy •
CVE-2024-32100 – WordPress Easy Digital Downloads plugin <= 3.2.11 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-32100
This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/easy-digital-downloads/wordpress-easy-digital-downloads-plugin-3-2-11-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-34812 – WordPress ShopBuilder plugin <= 2.1.8 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-34812
This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/shopbuilder/wordpress-shopbuilder-plugin-2-1-8-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-32761 – BIG-IP TMM tenants on VELOS and rSeries vulnerability
https://notcve.org/view.php?id=CVE-2024-32761
Under certain conditions, a potential data leak may occur in the Traffic Management Microkernels (TMMs) of BIG-IP tenants running on VELOS and rSeries platforms. • https://my.f5.com/manage/s/article/K000139217 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •