CVE-2024-32036 – SixLabors.ImageSharp vulnerable to data leakage
https://notcve.org/view.php?id=CVE-2024-32036
A data leakage flaw was found in ImageSharp's JPEG and TGA decoders. • https://github.com/SixLabors/ImageSharp/commit/8f0b4d3e680e78d479a88e7b1472bccd8f096d68 https://github.com/SixLabors/ImageSharp/commit/da5f09a42513489fe359578d81cec2f15ba588ba https://github.com/SixLabors/ImageSharp/security/advisories/GHSA-5x7m-6737-26cr • CWE-226: Sensitive Information in Resource Not Removed Before Reuse •
CVE-2024-29219
https://notcve.org/view.php?id=CVE-2024-29219
Out-of-bounds read vulnerability exists in KV STUDIO Ver.11.64 and earlier and KV REPLAY VIEWER Ver.2.64 and earlier, which may lead to information disclosure or arbitrary code execution by having a user of the affected product open a specially crafted file. ... Out-of-bounds read vulnerability exists in KV STUDIO Ver.11.64 and earlier and KV REPLAY VIEWER Ver.2.64 and earlier, and VT5-WX15/WX12 Ver.6.02 and earlier, which may lead to information disclosure or arbitrary code execution by having a user of the affected product open a specially crafted file. • https://jvn.jp/en/vu/JVNVU95439120 https://www.keyence.com/kv_vulnerability240329_en https://www.keyence.com/kv_vulnerability240924_en • CWE-125: Out-of-bounds Read •
CVE-2024-29218
https://notcve.org/view.php?id=CVE-2024-29218
Out-of-bounds write vulnerability exists in KV STUDIO Ver.11.64 and earlier and KV REPLAY VIEWER Ver.2.64 and earlier, which may lead to information disclosure or arbitrary code execution by having a user of the affected product open a specially crafted file. ... Out-of-bounds write vulnerability exists in KV STUDIO Ver.11.64 and earlier, KV REPLAY VIEWER Ver.2.64 and earlier, and VT5-WX15/WX12 Ver.6.02 and earlier, which may lead to information disclosure or arbitrary code execution by having a user of the affected product open a specially crafted file. • https://jvn.jp/en/vu/JVNVU95439120 https://www.keyence.com/kv_vulnerability240329_en https://www.keyence.com/kv_vulnerability240924_en • CWE-787: Out-of-bounds Write •
CVE-2024-22439 – Certain HPE FlexNetwork and FlexFabric Switches, Remote Authentication Bypass
https://notcve.org/view.php?id=CVE-2024-22439
This vulnerability could be exploited to gain privileged access to switches resulting in information disclosure. • https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbnw04625en_us • CWE-639: Authorization Bypass Through User-Controlled Key •
CVE-2024-3505 – JFrog Self-Hosted Artifactory Proxy configuration accessible to low-privilege users
https://notcve.org/view.php?id=CVE-2024-3505
JFrog Artifactory Self-Hosted versions below 7.77.3, are vulnerable to sensitive information disclosure whereby a low-privileged authenticated user can read the proxy configuration. This does not affect JFrog cloud deployments. • https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •