CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2180 – Zemana AntiLogger v2.74.204.664 - Kernel Memory Leak
https://notcve.org/view.php?id=CVE-2024-2180
15 Mar 2024 — Zemana AntiLogger v2.74.204.664 is vulnerable to a Memory Information Leak vulnerability by triggering the 0x80002020 IOCTL code of the zam64.sys and zamguard64.sys drivers Zemana AntiLogger v2.74.204.664 es afectado por una vulnerabilidad de fuga de información de memoria al activar el código IOCTL 0x80002020 de los controladores zam64.sys y zamguard64.sys • https://fluidattacks.com/advisories/gomez • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-404: Improper Resource Shutdown or Release •
CVSS: 6.5EPSS: 0%CPEs: 32EXPL: 0CVE-2023-28746 – kernel: Local information disclosure on Intel(R) Atom(R) processors
https://notcve.org/view.php?id=CVE-2023-28746
14 Mar 2024 — Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. ... This issue may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted system. ... A local attacker could use this to obtain sensitive information via a transient exec... • http://www.openwall.com/lists/oss-security/2024/03/12/13 • CWE-1342: Information Exposure through Microarchitectural State after Transient Execution •
CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0CVE-2023-27502
https://notcve.org/view.php?id=CVE-2023-27502
14 Mar 2024 — Insertion of sensitive information into log file for some Intel(R) Local Manageability Service software before version 2316.5.1.2 may allow an authenticated user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-38575 – kernel: Local information disclosure in some Intel(R) processors
https://notcve.org/view.php?id=CVE-2023-38575
14 Mar 2024 — Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. ... A vulnerability was found in some Intel processors that may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted host. ... A local attacker could use this to obtain sensitive information via a transient execution attack... • https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html • CWE-1303: Non-Transparent Sharing of Microarchitectural Resources •
CVSS: 5.3EPSS: 0%CPEs: 15EXPL: 0CVE-2023-43490 – kernel: Local information disclosure on Intel(R) Xeon(R) D processors with Intel(R) SGX due to incorrect calculation in microcode
https://notcve.org/view.php?id=CVE-2023-43490
14 Mar 2024 — Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access. ... This issue may allow a local attacker to achieve sensitive information disclosure, impacting the data confidentiality of the targeted system. ... A local attacker could use this to obtain sensitive information via a transient execution attack. • https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html • CWE-682: Incorrect Calculation •
CVSS: 8.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38534
https://notcve.org/view.php?id=CVE-2023-38534
13 Mar 2024 — The vulnerability could allow disclosure of restricted information in unauthenticated RPC. ... The vulnerability could allow disclosure of restricted information in unauthenticated RPC. • https://support.opentext.com/csm?id=kb_article_view&sysparm_article=KB0796609 • CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25154 – Path Traversal in FileCatalyst Direct 3.8.8 and Earlier
https://notcve.org/view.php?id=CVE-2024-25154
13 Mar 2024 — Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to return files located outside of the web root which may lead to data leakage. • https://filecatalyst.software/public/filecatalyst/Direct/3.8.9.90/whatsnew_direct.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1979 – Quarkus: information leak in annotation
https://notcve.org/view.php?id=CVE-2024-1979
13 Mar 2024 — A vulnerability was found in Quarkus. In certain conditions related to the CI process, git credentials could be inadvertently published, which could put the git repository at risk. Se encontró una vulnerabilidad en Quarkus. En ciertas condiciones relacionadas con el proceso de CI, las credenciales de git podrían publicarse sin darse cuenta, lo que podría poner en riesgo el repositorio de git. • https://access.redhat.com/errata/RHSA-2024:1662 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32335 – IBM Maximo Application Suite information disclosure
https://notcve.org/view.php?id=CVE-2023-32335
13 Mar 2024 — IBM Maximo Application Suite 8.10, 8.11 and IBM Maximo Asset Management 7.6.1.3 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. • https://exchange.xforce.ibmcloud.com/vulnerabilities/266875 • CWE-598: Use of GET Request Method With Sensitive Query Strings •
CVSS: 5.1EPSS: 0%CPEs: -EXPL: 0CVE-2023-43043 – IBM Maximo Application Suite information disclosure
https://notcve.org/view.php?id=CVE-2023-43043
13 Mar 2024 — IBM Maximo Application Suite - Maximo Mobile for EAM 8.10 and 8.11 could disclose sensitive information to a local user. • https://exchange.xforce.ibmcloud.com/vulnerabilities/266875 • CWE-532: Insertion of Sensitive Information into Log File •