CVSS: 8.0EPSS: 0%CPEs: 37EXPL: 0CVE-2024-31080 – Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents
https://notcve.org/view.php?id=CVE-2024-31080
04 Apr 2024 — An attacker could possibly use this issue to expose sensitive information. ... An attacker could possibly use this issue to cause a crash or expose sensitive information. • http://www.openwall.com/lists/oss-security/2024/04/03/13 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2024-26805 – netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter
https://notcve.org/view.php?id=CVE-2024-26805
04 Apr 2024 — BUG: KMSAN: kernel-infoleak-after-free in instrument_copy_to_user include/linux/instrumented.h:114 [inline] BUG: KMSAN: kernel-infoleak-after-free in copy_to_user_iter lib/iov_iter.c:24 [inline] BUG: KMSAN: kernel-infoleak-after-free in iterate_ubuf include/linux/iov_iter.h:29 [inline] BUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance2 include/linux/iov_iter.h:245 [inline] BUG: KMSAN: kernel-infoleak-after-free in iterate_and_... • https://git.kernel.org/stable/c/1853c949646005b5959c483becde86608f548f24 •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 1CVE-2024-3274 – D-Link DNS-320L/DNS-320LW/DNS-327L HTTP GET Request info.cgi information disclosure
https://notcve.org/view.php?id=CVE-2024-3274
04 Apr 2024 — The manipulation leads to information disclosure. ... Durch Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. ... The manipulation leads to information disclosure. • https://github.com/netsecfish/info_cgi • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0872 – Watu Quiz <= 3.4.1 - Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2024-0872
04 Apr 2024 — The Watu Quiz plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.1 via the watu-userinfo shortcode. • https://plugins.trac.wordpress.org/changeset/3036986 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3156 – Debian Security Advisory 5654-1
https://notcve.org/view.php?id=CVE-2024-3156
04 Apr 2024 — (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3158 – Debian Security Advisory 5654-1
https://notcve.org/view.php?id=CVE-2024-3158
04 Apr 2024 — (Severidad de seguridad de Chrome: alta) Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3159 – Google Chrome V8 Enum Cache Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-3159
04 Apr 2024 — Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31419 – Cnv: information disclosure through the usage of vm-dump-metrics
https://notcve.org/view.php?id=CVE-2024-31419
03 Apr 2024 — An information disclosure flaw was found in OpenShift Virtualization. • https://access.redhat.com/security/cve/CVE-2024-31419 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38729 – IBM Db2 information disclosure
https://notcve.org/view.php?id=CVE-2023-38729
03 Apr 2024 — IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server)10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT. ... IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to sensitive information disclosure when using ADMIN_CMD with IMPORT or EXPORT. • https://https://exchange.xforce.ibmcloud.com/vulnerabilities/262259 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28782 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-28782
03 Apr 2024 — IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 285698. IBM QRadar Suite Software 1.10.12.0 a 1.10.18.0 e IBM Cloud Pak for Security 1.10.0.0 a 1.10.11.0 almacenan las credenciales de usuario en texto sin formato que puede ser leído por un usuario autenticado. ID de IBM X-Force: 285698. • https://exchange.xforce.ibmcloud.com/vulnerabilities/285698 • CWE-256: Plaintext Storage of a Password •