CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25052 – IBM Jazz Reporting Service information disclosure
https://notcve.org/view.php?id=CVE-2024-25052
IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by an admin user. IBM X-Force ID: 283363. IBM Jazz Reporting Service 7.0.3 almacena las credenciales de usuario en texto plano que puede ser leído por un usuario administrador. ID de IBM X-Force: 283363. • https://exchange.xforce.ibmcloud.com/vulnerabilities/283363 https://https://www.ibm.com/support/pages/node/7157232 • CWE-256: Plaintext Storage of a Password •
CVSS: 5.1EPSS: 0%CPEs: 9EXPL: 0CVE-2024-32856
https://notcve.org/view.php?id=CVE-2024-32856
A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-30300 – Tenable Vulnerability Disclosure | Sensitive Information Disclosure Via Fake FMPS Worker
https://notcve.org/view.php?id=CVE-2024-30300
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an Information Exposure vulnerability (CWE-200) that could lead to privilege escalation. An attacker could exploit this vulnerability to gain access to sensitive information which may include system or user privileges. • https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-38.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-30472
https://notcve.org/view.php?id=CVE-2024-30472
Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000225289/dsa-2024-229 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5947 – Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-5947
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. ... This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. ... This will enable an attacker to disclose sensitive information and help her in authentication bypass, privilege escalation, and full system access. • https://github.com/Cappricio-Securities/CVE-2024-5947 https://www.zerodayinitiative.com/advisories/ZDI-24-671 • CWE-306: Missing Authentication for Critical Function •