CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20793 – Illustrator 2024 TIF file parsing Out Of Bound Read Information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2024-20793
Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. • https://helpx.adobe.com/security/products/illustrator/apsb24-30.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4357 – XML External Entity Processing Information Disclosure
https://notcve.org/view.php?id=CVE-2024-4357
An information disclosure vulnerability exists in Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, allows low-privilege attacker to read systems file via XML External Entity Processing. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Progress Software Telerik Reporting. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. • https://docs.telerik.com/report-server/knowledge-base/xxe-vulnerability-cve-2024-4357 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3486 – XML External Entity injection vulnerability in iManager
https://notcve.org/view.php?id=CVE-2024-3486
This could lead to information disclosure and remote code execution. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3485 – Server-Side Request Forgery vulnerability in iManager
https://notcve.org/view.php?id=CVE-2024-3485
This could lead to senstive information disclosure. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3970 – Server-Side Request Forgery vulnerability in iManager
https://notcve.org/view.php?id=CVE-2024-3970
This could lead to senstive information disclosure by directory traversal. • https://www.netiq.com/documentation/imanager-32/imanager326_patch3_hf1_releasenotes/data/imanager326_patch3_hf1_releasenotes.html • CWE-918: Server-Side Request Forgery (SSRF) •