CVSS: 2.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37396 – IBM Aspera Faspex information disclosure
https://notcve.org/view.php?id=CVE-2023-37396
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data. IBM X-Force ID: 259671. IBM Aspera Faspex 5.0.0 a 5.0.7 podría permitir que un usuario local obtenga información confidencial debido a un cifrado inadecuado de ciertos datos. ID de IBM X-Force: 259671. • https://exchange.xforce.ibmcloud.com/vulnerabilities/259671 https://www.ibm.com/support/pages/node/7148632 • CWE-312: Cleartext Storage of Sensitive Information CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22869 – IBM Aspera Faspex information disclosure
https://notcve.org/view.php?id=CVE-2023-22869
IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 244119. IBM Aspera Faspex 5.0.0 a 5.0.7 almacena información potencialmente confidencial en archivos de registro que un usuario local podría leer. ID de IBM X-Force: 244119. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244119 https://www.ibm.com/support/pages/node/7148632 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-29968 – SQL Table names, column names, and SQL queries are collected in DR standby Supportsave
https://notcve.org/view.php?id=CVE-2024-29968
An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when Brocade SANnav instances are configured in disaster recovery mode. • https://support.broadcom.com/external/content/SecurityAdvisories/0/23253 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-922: Insecure Storage of Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23526 – Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-23526
An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. Una vulnerabilidad de lectura fuera de los límites en el componente WLAvalancheService de Ivanti Avalanche anterior a 6.4.3, en ciertas condiciones, puede permitir que un atacante remoto no autenticado lea información confidencial en la memoria. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WLAvalancheService, which listens on TCP port 1777 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23529 – Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-23529
An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. Una vulnerabilidad de lectura fuera de los límites en el componente WLAvalancheService de Ivanti Avalanche anterior a 6.4.3, en ciertas condiciones, puede permitir que un atacante remoto no autenticado lea información confidencial en la memoria. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WLAvalancheService, which listens on TCP port 1777 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US • CWE-125: Out-of-bounds Read •