CVE-2023-39179 – Kernel: ksmbd: read request out-of-bounds read information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2023-39179
An attacker can leverage this to disclose sensitive information on affected installations of Linux. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. • https://access.redhat.com/security/cve/CVE-2023-39179 https://bugzilla.redhat.com/show_bug.cgi?id=2326529 https://www.zerodayinitiative.com/advisories/ZDI-24-586 • CWE-125: Out-of-bounds Read •
CVE-2024-31878 – IBM i information disclosure
https://notcve.org/view.php?id=CVE-2024-31878
This vulnerability can be used by a malicious actor to gather information about SST users that can be targeted in further attacks. • https://exchange.xforce.ibmcloud.com/vulnerabilities/287538 https://www.ibm.com/support/pages/node/7156725 • CWE-203: Observable Discrepancy •
CVE-2024-5328 – SSRF Vulnerability in lunary-ai/lunary
https://notcve.org/view.php?id=CVE-2024-5328
This could lead to the disclosure of sensitive information, service disruption, or further attacks against the network infrastructure. • https://huntr.com/bounties/80b09757-d9a0-44d1-932f-2461fc8fec69 • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2024-3429 – Path Traversal in parisneo/lollms
https://notcve.org/view.php?id=CVE-2024-3429
Successful exploitation could lead to unauthorized access to sensitive files, information disclosure, and potentially a denial of service (DoS) condition by including numerous large or resource-intensive files. • https://github.com/parisneo/lollms/commit/f4424cfc3d6dfb3ad5ac17dd46801efe784933e9 https://huntr.com/bounties/fd8f50c8-17f0-40be-a2c6-bb8d80f7c409 • CWE-29: Path Traversal: '\..\filename' •
CVE-2024-3322 – Path Traversal in parisneo/lollms-webui
https://notcve.org/view.php?id=CVE-2024-3322
This flaw leads to arbitrary file read and overwrite capabilities in specified directories without limitations, posing a significant risk of sensitive information disclosure and unauthorized file manipulation. • https://github.com/parisneo/lollms-webui/commit/1e17df01e01d4d33599db2afaafe91d90b6f0189 https://huntr.com/bounties/e0822362-033a-4a71-b1dc-d803f03bd427 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •