CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-22270 – VMware Workstation hgfsVMCI_fileread Use of Uninitialized Variable Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-22270
VMware Workstation and Fusion contain an information disclosure vulnerability in the Host Guest File Sharing (HGFS) functionality. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. ... This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-22269 – VMware Workstation UrbBuf_getDataBuf Uninitialized Variable Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-22269
VMware Workstation and Fusion contain an information disclosure vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. ... This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24280 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2024-25968
https://notcve.org/view.php?id=CVE-2024-25968
A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000224860/dsa-2024-163-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 1CVE-2024-30043 – Microsoft SharePoint Server Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-30043
Microsoft SharePoint Server Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Microsoft SharePoint Server This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft SharePoint. ... An attacker can leverage this vulnerability to disclose information in the context of the service account. • https://github.com/W01fh4cker/CVE-2024-30043-XXE https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30043 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 8.4EPSS: 0%CPEs: 12EXPL: 0CVE-2024-30034 – Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-30034
Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Vulnerabilidad de divulgación de información del controlador del minifiltro de archivos en la nube de Windows This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. ... An attacker can leverage this vulnerability to disclose information in the context of the kernel. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30034 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •