CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23533 – Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-23533
19 Apr 2024 — An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an authenticated remote attacker to read sensitive information in memory. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. • https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23531 – Ivanti Avalanche WLInfoRailService Integer Overflow Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-23531
19 Apr 2024 — This vulnerability allows remote attackers to disclose sensitive information or create a denial-of-service condition on affected installations of Ivanti Avalanche. • https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23530 – Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-23530
19 Apr 2024 — An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. • https://forums.ivanti.com/s/article/Avalanche-6-4-3-Security-Hardening-and-CVEs-addressed?language=en_US • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29987 – Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-29987
18 Apr 2024 — Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft Edge (basado en Chromium) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29987 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29986 – Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-29986
18 Apr 2024 — Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability Vulnerabilidad de divulgación de información en Microsoft Edge para Android (basado en Chromium) • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29986 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3928 – Dromara open-capacity-platform auth-server heapdump information disclosure
https://notcve.org/view.php?id=CVE-2024-3928
17 Apr 2024 — The manipulation leads to information disclosure. ... Durch das Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/ggfzx/OCP-Security-Misconfiguration/tree/main • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 10EXPL: 0CVE-2023-5405
https://notcve.org/view.php?id=CVE-2023-5405
17 Apr 2024 — Server information leak for the CDA Server process memory can occur when an error is generated in response to a specially crafted message. ... Server information leak for the CDA Server process memory can occur when an error is generated in response to a specially crafted message. • https://process.honeywell.com • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-43491
https://notcve.org/view.php?id=CVE-2023-43491
17 Apr 2024 — An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. • https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256 • CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45209
https://notcve.org/view.php?id=CVE-2023-45209
17 Apr 2024 — An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a disclosure of sensitive information. • https://forum.peplink.com/t/peplink-security-advisory-smart-reader-firmware-1-2-0-cve-2023-43491-cve-2023-45209-cve-2023-39367-cve-2023-45744-cve-2023-40146/47256 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-26901 – do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
https://notcve.org/view.php?id=CVE-2024-26901
17 Apr 2024 — In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in do_sys_name_to_handle() and issued the following report [1]. In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability in do_sys_name_t... • https://git.kernel.org/stable/c/990d6c2d7aee921e3bce22b2d6a750fd552262be • CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') CWE-908: Use of Uninitialized Resource •