CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2024-57911 – iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57911
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc() and it is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information... • https://git.kernel.org/stable/c/415f792447572ef1949a3cef5119bbce8cc66373 •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2024-57910 – iio: light: vcnl4035: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57910
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to push data to userspace from a triggered buffer, but it does not set an initial value for the single data element, which is an u16 aligned to 8 bytes. In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to ... • https://git.kernel.org/stable/c/da8ef748fec2d55db0ae424ab40eee0c737564aa •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-57909 – iio: light: bh1745: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57909
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1745: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1745: fix information leak in triggered buffer The 'scan' local struct ... • https://git.kernel.org/stable/c/eab35358aae705b779a7c8b405474d1290175196 •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-57908 – iio: imu: kmx61: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57908
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is u... • https://git.kernel.org/stable/c/c3a23ecc0901f624b681bbfbc4829766c5aa3070 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-57907 – iio: adc: rockchip_saradc: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57907
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data'... • https://git.kernel.org/stable/c/4e130dc7b41348b13684f0758c26cc6cf72a3449 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-57906 – iio: adc: ti-ads8688: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57906
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local ... • https://git.kernel.org/stable/c/26aa12ef64ee997d293659bbf645c6df99fb73e5 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-57905 – iio: adc: ti-ads1119: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57905
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1119: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it has a hole between the sample (unsigned int) and the timestamp. In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1119: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a t... • https://git.kernel.org/stable/c/a9306887eba41c5fe7232727a8147da3d3c4f83c •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45653 – IBM Sterling Connect:Direct Web Services information disclosure
https://notcve.org/view.php?id=CVE-2024-45653
19 Jan 2025 — IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7174104 • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47106 – IBM Jazz for Service Management information disclosure
https://notcve.org/view.php?id=CVE-2024-47106
18 Jan 2025 — IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7178507 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49354 – IBM Concert information disclosure
https://notcve.org/view.php?id=CVE-2024-49354
18 Jan 2025 — IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls. • https://www.ibm.com/support/pages/node/7174120 • CWE-213: Exposure of Sensitive Information Due to Incompatible Policies •