
CVE-2024-26207 – Windows Remote Access Connection Manager Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-26207
09 Apr 2024 — Windows Remote Access Connection Manager Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26207 • CWE-125: Out-of-bounds Read •

CVE-2024-26220 – Windows Mobile Hotspot Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-26220
09 Apr 2024 — Windows Mobile Hotspot Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26220 • CWE-908: Use of Uninitialized Resource •

CVE-2024-26209 – Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-26209
09 Apr 2024 — Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26209 • CWE-908: Use of Uninitialized Resource •

CVE-2024-29063 – Azure AI Search Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-29063
09 Apr 2024 — Azure AI Search Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29063 • CWE-798: Use of Hard-coded Credentials •

CVE-2024-28902 – Windows Remote Access Connection Manager Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-28902
09 Apr 2024 — Windows Remote Access Connection Manager Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28902 • CWE-126: Buffer Over-read •

CVE-2024-28901 – Windows Remote Access Connection Manager Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-28901
09 Apr 2024 — Windows Remote Access Connection Manager Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28901 • CWE-126: Buffer Over-read •

CVE-2024-26172 – Windows DWM Core Library Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-26172
09 Apr 2024 — Windows DWM Core Library Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26172 • CWE-125: Out-of-bounds Read •

CVE-2024-26255 – Windows Remote Access Connection Manager Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-26255
09 Apr 2024 — Windows Remote Access Connection Manager Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26255 • CWE-126: Buffer Over-read •

CVE-2024-31455 – Minder GetRepositoryByName data leak
https://notcve.org/view.php?id=CVE-2024-31455
09 Apr 2024 — Minder by Stacklok is an open source software supply chain security platform. A refactoring in commit `5c381cf` added the ability to get GitHub repositories registered to a project without specifying a specific provider. Unfortunately, the SQL query for doing so was missing parentheses, and would select a random repository. This issue is patched in pull request 2941. As a workaround, revert prior to `5c381cf`, or roll forward past `2eb94e7`. • https://github.com/stacklok/minder/commit/11b6573ad62cfdd783a8bb52f3fce461466037f4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2024-31487
https://notcve.org/view.php?id=CVE-2024-31487
09 Apr 2024 — An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox versions 4.4.0 through 4.4.4, 4.2.0 through 4.2.6, 4.0.0 through 4.0.5, 3.2.0 through 3.2.4, 3.1.0 through 3.1.5, 3.0.0 through 3.0.7, 2.5.0 through 2.5.2 and 2.4.0 through 2.4.1 may allow an attacker to cause information disclosure via crafted HTTP requests. • https://fortiguard.com/psirt/FG-IR-24-060 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •