CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 3CVE-2024-5274 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2024-5274
27 May 2024 — (Severidad de seguridad de Chrome: alta) A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://packetstorm.news/files/id/180477 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2024-5354 – anji-plus AJ-Report detailByCode information disclosure
https://notcve.org/view.php?id=CVE-2024-5354
26 May 2024 — The manipulation of the argument shareToken leads to information disclosure. ... Dank der Manipulation des Arguments shareToken mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/anji-plus/report/files/15363269/aj-report.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-30056 – Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-30056
25 May 2024 — Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Edge (basado en Chromium) • https://github.com/absholi7ly/Microsoft-Edge-Information-Disclosure • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 1CVE-2024-5230 – EnvaySoft FleetCart information disclosure
https://notcve.org/view.php?id=CVE-2024-5230
23 May 2024 — The manipulation of the argument razorpayKeyId leads to information disclosure. ... Dank Manipulation des Arguments razorpayKeyId mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. ... FleetCart version 4.1.1 suffers from an information leakage vulnerability. • https://packetstorm.news/files/id/178770 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31894 – IBM App Connect Enterprise information disclosure
https://notcve.org/view.php?id=CVE-2024-31894
22 May 2024 — IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. • https://exchange.xforce.ibmcloud.com/vulnerabilities/288175 • CWE-324: Use of a Key Past its Expiration Date •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31895 – IBM App Connect Enterprise information disclosure
https://notcve.org/view.php?id=CVE-2024-31895
22 May 2024 — IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. • https://exchange.xforce.ibmcloud.com/vulnerabilities/288176 • CWE-324: Use of a Key Past its Expiration Date •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31893 – IBM App Connect Enterprise information disclosure
https://notcve.org/view.php?id=CVE-2024-31893
22 May 2024 — IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. • https://exchange.xforce.ibmcloud.com/vulnerabilities/288174 • CWE-324: Use of a Key Past its Expiration Date •
CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0CVE-2021-47477 – comedi: dt9812: fix DMA buffers on stack
https://notcve.org/view.php?id=CVE-2021-47477
22 May 2024 — Note that this also fixes a stack info leak on systems where DMA is not used as 32 bytes are always sent to the device regardless of how short the command is. ... Note that this also fixes a stack info leak on systems where DMA is not used as 32 bytes are always sent to the device regardless of how short the command is. • https://git.kernel.org/stable/c/63274cd7d38a3322d90b66a5bc976de1fb899051 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31844
https://notcve.org/view.php?id=CVE-2024-31844
21 May 2024 — In some cases, this leads to a disclosure of information about the server. ... Inside an error message, some information about the server is revealed, such as the absolute path of the source code of the application. This kind of information can help an attacker to perform other attacks against the system. • https://www.gruppotim.it/it/footer/red-team.html •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-47401 – ipack: ipoctal: fix stack information leak
https://notcve.org/view.php?id=CVE-2021-47401
21 May 2024 — In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix stack information leak The tty driver name is used also after registering the driver and must specifically not be allocated on the stack to avoid leaking information to user space (or triggering an oops). Drivers should not try to encode topology information in the tty device name but this one snuck in through staging without anyone noticing and another driver has since copied this malpractice. Drive... • https://git.kernel.org/stable/c/ba4dc61fe8c545a5d6a68b63616776556b771f51 •