CVE-2024-22513 – djangorestframework-simplejwt 5.3.1 - Information Disclosure
https://notcve.org/view.php?id=CVE-2024-22513
djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. ... Django REST Framework SimpleJWT versions 5.3.1 and below suffer from an information disclosure vulnerability. • https://www.exploit-db.com/exploits/51992 https://github.com/dmdhrumilmistry/CVEs/tree/main/CVE-2024-22513 •
CVE-2024-28069
https://notcve.org/view.php?id=CVE-2024-28069
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. • https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0001 • CWE-922: Insecure Storage of Sensitive Information •
CVE-2021-38938 – IBM Host Access Transformation Services information disclosure
https://notcve.org/view.php?id=CVE-2021-38938
IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 210989. IBM Host Access Transformation Services (HATS) 9.6 a 9.6.1.4 y 9.7 a 9.7.0.3 almacena las credenciales de usuario en texto sin formato que puede ser leído por un usuario local. ID de IBM X-Force: 210989. • https://exchange.xforce.ibmcloud.com/vulnerabilities/210989 https://www.ibm.com/support/pages/node/6832964 • CWE-522: Insufficiently Protected Credentials •
CVE-2023-46181 – IBM Secure Proxy information disclosure
https://notcve.org/view.php?id=CVE-2023-46181
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686. IBM Sterling Secure Proxy 6.0.3 y 6.1.0 permite que las páginas web se almacenen localmente y que otro usuario del sistema pueda leerlas. ID de IBM X-Force: 269686. • https://exchange.xforce.ibmcloud.com/vulnerabilities/269686 https://www.ibm.com/support/pages/node/7142038 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •
CVE-2023-46179 – IBM Secure Proxy information disclosure
https://notcve.org/view.php?id=CVE-2023-46179
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 269683. IBM Sterling Secure Proxy 6.0.3 y 6.1.0 no establece el atributo seguro en tokens de autorización o cookies de sesión. • https://exchange.xforce.ibmcloud.com/vulnerabilities/269683 https://www.ibm.com/support/pages/node/7142038 • CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute •