CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21112 – Oracle VirtualBox AHCI Controller Uninitialized Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21112
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle VirtualBox. • https://www.oracle.com/security-alerts/cpuapr2024.html •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21109 – Oracle VirtualBox Web Service Exposure of Resource to Wrong Sphere Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21109
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle VirtualBox. ... An attacker can leverage this vulnerability to disclose sensitive session information, leading to further compromise. • https://www.oracle.com/security-alerts/cpuapr2024.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31887 – IBM Security Verify Privilege information disclosure
https://notcve.org/view.php?id=CVE-2024-31887
IBM Security Verify Privilege 11.6.25 could allow an unauthenticated actor to obtain sensitive information from the SOAP API. • https://exchange.xforce.ibmcloud.com/vulnerabilities/287651 https://www.ibm.com/support/pages/node/7148438 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-3571 – Path Traversal in langchain-ai/langchain
https://notcve.org/view.php?id=CVE-2024-3571
An attacker can leverage this vulnerability to read or write files anywhere on the filesystem, potentially leading to information disclosure or remote code execution. • https://github.com/langchain-ai/langchain/commit/aad3d8bd47d7f5598156ff2bdcc8f736f24a7412 https://huntr.com/bounties/2df3acdc-ee4f-4257-bbf8-a7de3870a9d8 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-1593 – Path Traversal via Parameter Smuggling in mlflow/mlflow
https://notcve.org/view.php?id=CVE-2024-1593
Successful exploitation could lead to unauthorized information disclosure or server compromise. • https://huntr.com/bounties/dbdc6bd6-d09a-46f2-9d9c-5138a14b6e31 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •