CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3970 – Server-Side Request Forgery vulnerability in iManager
https://notcve.org/view.php?id=CVE-2024-3970
15 May 2024 — This could lead to senstive information disclosure by directory traversal. ... This could lead to senstive information disclosure by directory traversal. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5937 – Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0
https://notcve.org/view.php?id=CVE-2023-5937
15 May 2024 — This can lead to information disclosure by local attackers, via exfiltration of sensitive data from configuration files. • https://security.nozominetworks.com/NN-2023:15-01 • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34101 – ZDI-CAN-23614: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-34101
15 May 2024 — Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. • https://helpx.adobe.com/security/products/acrobat/apsb24-29.html • CWE-125: Out-of-bounds Read •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31483
https://notcve.org/view.php?id=CVE-2024-31483
14 May 2024 — An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4562 – WhatsUp Gold Server-Side Request Forgery Information Disclosure Vulnerability via HttpMonitorSettings
https://notcve.org/view.php?id=CVE-2024-4562
14 May 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to disclose information in the context of the application. • https://community.progress.com/s/article/Announcing-WhatsUp-Gold-v2023-1-2 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4561 – WhatsUp Gold Server-Side Request Forgery Information Disclosure Vulnerability via FaviconController
https://notcve.org/view.php?id=CVE-2024-4561
14 May 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software WhatsUp Gold. ... An attacker can leverage this vulnerability to disclose information in the context of the application. • https://community.progress.com/s/article/Announcing-WhatsUp-Gold-v2023-1-2 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30054 – Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-30054
14 May 2024 — Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del SDK de JavaScript del cliente Microsoft Power BI • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30054 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 25EXPL: 0CVE-2024-30039 – Windows Remote Access Connection Manager Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-30039
14 May 2024 — Windows Remote Access Connection Manager Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del Administrador de conexión de acceso remoto de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30039 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 6.8EPSS: 0%CPEs: 14EXPL: 0CVE-2024-30036 – Windows Deployment Services Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-30036
14 May 2024 — Windows Deployment Services Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de los servicios de implementación de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30036 • CWE-41: Improper Resolution of Path Equivalence •
CVSS: 5.5EPSS: 0%CPEs: 25EXPL: 0CVE-2024-30016 – Windows Cryptographic Services Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-30016
14 May 2024 — Windows Cryptographic Services Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de servicios criptográficos de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30016 • CWE-125: Out-of-bounds Read •