CVE-2024-22266 – VMware Avi Load Balancer updates address multiple vulnerabilities
https://notcve.org/view.php?id=CVE-2024-22266
VMware Avi Load Balancer contains an information disclosure vulnerability. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24219 •
CVE-2024-25533
https://notcve.org/view.php?id=CVE-2024-25533
Error messages in RuvarOA v6.01 and v12.01 were discovered to leak the physical path of the website (/WorkFlow/OfficeFileUpdate.aspx). This vulnerability can allow attackers to write files to the server or execute arbitrary commands via crafted SQL statements. Se descubrió que los mensajes de error en RuvarOA v6.01 y v12.01 filtraban la ruta física del sitio web (/WorkFlow/OfficeFileUpdate.aspx). Esta vulnerabilidad puede permitir a los atacantes escribir archivos en el servidor o ejecutar comandos arbitrarios mediante declaraciones SQL manipuladas. • https://gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358d#information-leakage-and-unauthorized-access-to-sensitive-data • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-40694 – IBM Watson CP4D Data Stores information disclosure
https://notcve.org/view.php?id=CVE-2023-40694
IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sensitive information in log files that could be read by a local user. ... IBM Watson CP4D Data Stores 4.0.0 a 4.8.4 almacena información potencialmente confidencial en archivos de registro que un usuario local podría leer. • https://exchange.xforce.ibmcloud.com/vulnerabilities/264838 https://www.ibm.com/support/pages/node/7150286 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2024-23709
https://notcve.org/view.php?id=CVE-2024-23709
This could lead to remote information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/external/sonivox/+/3f798575d2d39cd190797427d13471d6e7ceae4c https://source.android.com/security/bulletin/2024-05-01 • CWE-122: Heap-based Buffer Overflow •
CVE-2024-0022
https://notcve.org/view.php?id=CVE-2024-0022
This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/bdf1cce569c9700965ff6baee8efd3fb1e8269e8 https://source.android.com/security/bulletin/2024-04-01 •