CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5494 – Debian Security Advisory 5701-1
https://notcve.org/view.php?id=CVE-2024-5494
30 May 2024 — (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5493 – Debian Security Advisory 5701-1
https://notcve.org/view.php?id=CVE-2024-5493
30 May 2024 — (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36033 – Bluetooth: qca: fix info leak when fetching board id
https://notcve.org/view.php?id=CVE-2024-36033
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the firmware. ... In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching board id Add the missing sanity check when fetching the board id to avoid leaking slab data when later requesting the firmware. • https://git.kernel.org/stable/c/a7f8dedb4be2cc930a29af24427b885405ecd15d •
CVSS: 2.3EPSS: 0%CPEs: 5EXPL: 0CVE-2024-36032 – Bluetooth: qca: fix info leak when fetching fw build id
https://notcve.org/view.php?id=CVE-2024-36032
30 May 2024 — In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching fw build id Add the missing sanity checks and move the 255-byte build-id buffer off the stack to avoid leaking stack data through debugfs in case the build-info reply is malformed. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching fw build id Add the missing sanity checks and move the 255-byte build-id buffer... • https://git.kernel.org/stable/c/c0187b0bd3e94c48050687d87b2c3c9fbae98ae9 •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43841 – IBM Aspera Console information disclosure
https://notcve.org/view.php?id=CVE-2022-43841
30 May 2024 — IBM Aspera Console 3.4.0 through 3.4.2 PL9 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 239078. IBM Aspera Console 3.4.0 a 3.4.2 PL9 permite almacenar páginas web localmente que otro usuario del sistema puede leer. ID de IBM X-Force: 239078. • https://exchange.xforce.ibmcloud.com/vulnerabilities/239078 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4205 – Premium Addons for Elementor <= 4.10.31 - Missing Authorization to Information Disclosure
https://notcve.org/view.php?id=CVE-2024-4205
30 May 2024 — The Premium Addons for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_template_content() function in all versions up to, and including, 4.10.31. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve Elementor template data. El complemento Premium Addons for Elementor para WordPress es vulnerable al acceso no autorizado a los datos debido a una falta de verificación de capacidad en la f... • https://plugins.trac.wordpress.org/browser/premium-addons-for-elementor/tags/4.10.28/includes/addons-integration.php#L1408 • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36107 – Information disclosure in minio
https://notcve.org/view.php?id=CVE-2024-36107
28 May 2024 — `If-Modified-Since` and `If-Unmodified-Since` headers when used with anonymous requests by sending a random object name requests can be used to determine if an object exists or not on the server on a specific bucket and also gain access to some amount of information such as `Last-Modified (of the latest version)`, `Etag (of the latest version)`, `x-amz-version-id (of the latest version)`, `Expires (metadata value of the latest version)`, `Cache-Control (metadata value of the latest version)`. • https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-Modified-Since • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.6EPSS: 96%CPEs: 16EXPL: 66CVE-2024-24919 – Check Point Quantum Security Gateways Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-24919
28 May 2024 — Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. ... Check Point Security Gateway suffers from an information disclosure vulnerability. ... Check Point Quantum Security Gateways contain an unspecified information disclosure vulnerability. The vulnerability potentially allows an attacker to access information on Gateways con... • https://packetstorm.news/files/id/178907 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23315
https://notcve.org/view.php?id=CVE-2024-23315
28 May 2024 — A specially crafted network packet can lead to a disclosure of sensitive information. • https://community.automationdirect.com/s/internal-database-security-advisory/a4GPE0000003yZ72AI/sa00037 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4429 – Cross Site Request Forgery vulnerability in iManager
https://notcve.org/view.php?id=CVE-2024-4429
28 May 2024 — This could lead to sensitive information disclosure. ... This could lead to sensitive information disclosure. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-352: Cross-Site Request Forgery (CSRF) •