Page 128 of 10816 results (0.021 seconds)

CVSS: -EPSS: 0%CPEs: -EXPL: 0

In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0

This could lead to remote information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •

CVSS: 4.0EPSS: 0%CPEs: -EXPL: 0

In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2024 • CWE-284: Improper Access Control •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Insufficient user input filtering leads to arbitrary file read by non-authenticated attacker, which results in sensitive information disclosure. • https://hackerone.com/reports/1096043 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0

IBM Security Verify Access OIDC Provider 22.09 through 23.03 could disclose sensitive information to a local user due to hazardous input validation. • https://exchange.xforce.ibmcloud.com/vulnerabilities/279978 https://www.ibm.com/support/pages/node/7155340 • CWE-20: Improper Input Validation •