
CVE-2024-28216
https://notcve.org/view.php?id=CVE-2024-28216
07 Mar 2024 — nGrinder before 3.5.9 allows an attacker to obtain the results of webhook requests due to lack of access control, which could lead to information disclosure and limited Server-Side Request Forgery. • https://cve.naver.com/detail/cve-2024-28216.html • CWE-284: Improper Access Control CWE-862: Missing Authorization •

CVE-2024-28215
https://notcve.org/view.php?id=CVE-2024-28215
07 Mar 2024 — nGrinder before 3.5.9 allows an attacker to create or update webhook configuration due to lack of access control, which could lead to information disclosure and limited Server-Side Request Forgery. • https://cve.naver.com/detail/cve-2024-28215.html • CWE-284: Improper Access Control CWE-862: Missing Authorization •

CVE-2024-2176 – Debian Security Advisory 5636-1
https://notcve.org/view.php?id=CVE-2024-2176
06 Mar 2024 — (Chrome security severity: High) Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://github.com/r4p3c4/CVE-2024-21762-Exploit-PoC-Fortinet-SSL-VPN-Check • CWE-416: Use After Free •

CVE-2024-2174 – Debian Security Advisory 5636-1
https://notcve.org/view.php?id=CVE-2024-2174
06 Mar 2024 — (Chrome security severity: High) Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html • CWE-358: Improperly Implemented Security Check for Standard •

CVE-2024-2173 – Debian Security Advisory 5636-1
https://notcve.org/view.php?id=CVE-2024-2173
06 Mar 2024 — (Chrome security severity: High) Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html •

CVE-2024-25102 – Information Disclosure Vulnerability in CDAC AppSamvid Software
https://notcve.org/view.php?id=CVE-2024-25102
06 Mar 2024 — This vulnerability exists in AppSamvid software due to the use of a weaker cryptographic algorithm (hash), SHA1, in the user login component. An attacker with local administrative privileges could exploit this to obtain the password of AppSamvid on the targeted system. Successful exploitation of this vulnerability could allow the attacker to take complete control of the application on the targeted system. • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0081 • CWE-326: Inadequate Encryption Strength •

CVE-2024-1224 – Information Disclosure Vulnerability in CDAC USB Pratirodh
https://notcve.org/view.php?id=CVE-2024-1224
06 Mar 2024 — This vulnerability exists in USB Pratirodh due to the use of a weaker cryptographic algorithm (hash), SHA1, in the user login component. A local attacker with administrative privileges could exploit this vulnerability to obtain the password of USB Pratirodh on the targeted system. Successful exploitation of this vulnerability could allow the attacker to take control of the application and modify the access control of registered users or devices on the targeted system. • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0080 • CWE-326: Inadequate Encryption Strength •

CVE-2024-25616
https://notcve.org/view.php?id=CVE-2024-25616
05 Mar 2024 — Aruba has identified certain configurations of ArubaOS that can lead to partial disclosure of sensitive information in the IKE_AUTH negotiation process. The scenarios in which disclosure of potentially sensitive information can occur are complex, and depend on factors beyond the control of attackers. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt •

CVE-2024-22352 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-22352
05 Mar 2024 — IBM InfoSphere Information Server 11.7 stores potentially sensitive information in log files that could be read by a local user. ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/280361 • CWE-532: Insertion of Sensitive Information into Log File •

CVE-2024-22255 – Information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2024-22255
05 Mar 2024 — VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. ... • https://www.vmware.com/security/advisories/VMSA-2024-0006.html • CWE-770: Allocation of Resources Without Limits or Throttling •