CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-20070
https://notcve.org/view.php?id=CVE-2024-20070
In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-20069
https://notcve.org/view.php?id=CVE-2024-20069
This could lead to remote information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVSS: 4.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-20065
https://notcve.org/view.php?id=CVE-2024-20065
In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44534
https://notcve.org/view.php?id=CVE-2021-44534
Insufficient user input filtering leads to arbitrary file read by non-authenticated attacker, which results in sensitive information disclosure. • https://hackerone.com/reports/1096043 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22338 – IBM Security Verify Access OIDC Provider information disclosure
https://notcve.org/view.php?id=CVE-2024-22338
IBM Security Verify Access OIDC Provider 22.09 through 23.03 could disclose sensitive information to a local user due to hazardous input validation. • https://exchange.xforce.ibmcloud.com/vulnerabilities/279978 https://www.ibm.com/support/pages/node/7155340 • CWE-20: Improper Input Validation •