CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-31487
https://notcve.org/view.php?id=CVE-2024-31487
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.0 through 2.4.1 may allows attacker to information disclosure via crafted http requests. • https://fortiguard.com/psirt/FG-IR-24-060 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-23662
https://notcve.org/view.php?id=CVE-2024-23662
An exposure of sensitive information to an unauthorized actor in Fortinet FortiOS at least version at least 7.4.0 through 7.4.1 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.15 and 6.4.0 through 6.4.15 allows attacker to information disclosure via HTTP requests. • https://fortiguard.com/psirt/FG-IR-23-224 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-25646 – Information Disclosure vulnerability in SAP BusinessObjects Web Intelligence
https://notcve.org/view.php?id=CVE-2024-25646
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. • https://me.sap.com/notes/3421384 https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html?anchorId=section_370125364 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0083
https://notcve.org/view.php?id=CVE-2024-0083
A successful exploit of this vulnerability might lead to code execution, denial of service, and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5532 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0082
https://notcve.org/view.php?id=CVE-2024-0082
A successful exploit of this vulnerability might lead to local escalation of privileges, information disclosure, and data tampering NVIDIA ChatRTX para Windows contiene una vulnerabilidad en la interfaz de usuario, donde un atacante puede provocar una gestión inadecuada de privilegios al enviar solicitudes de apertura de archivos a la aplicación. • https://nvidia.custhelp.com/app/answers/detail/a_id/5532 • CWE-269: Improper Privilege Management •