CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-41775 – IBM Cognos Controller information disclosure
https://notcve.org/view.php?id=CVE-2024-41775
IBM Cognos Controller 11.0.0 and 11.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://www.ibm.com/support/pages/node/7177220 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-25035 – IBM Cognos Controller information disclosure
https://notcve.org/view.php?id=CVE-2024-25035
IBM Cognos Controller 11.0.0 and 11.0.1 exposes server details that could allow an attacker to obtain information of the application environment to conduct further attacks. • https://www.ibm.com/support/pages/node/7177220 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2021-29892 – IBM Cognos Controller information disclosure
https://notcve.org/view.php?id=CVE-2021-29892
IBM Cognos Controller 11.0.0 and 11.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. • https://www.ibm.com/support/pages/node/7177220 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-9978 – Liteos_a has an out-of-bounds read vulnerability
https://notcve.org/view.php?id=CVE-2024-9978
in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read. en OpenHarmony v4.1.1 y versiones anteriores, se permite que un atacante local provoque fugas de información a través de lecturas fuera de los límites. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-12.md • CWE-125: Out-of-bounds Read •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42422
https://notcve.org/view.php?id=CVE-2024-42422
An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000255892/dsa-2024-478-security-update-for-dell-networker-vulnerabilities • CWE-639: Authorization Bypass Through User-Controlled Key •