CVSS: 5.3EPSS: 0%CPEs: -EXPL: 1CVE-2024-3160 – Intelbras HDCVI 1016 HTTP GET Request cap.js information disclosure
https://notcve.org/view.php?id=CVE-2024-3160
The manipulation leads to information disclosure. ... NOTE: The vendor explains that they do not classify the information shown as sensitive and therefore there is no vulnerability which is about to harm the user. ** EN DISPUTA ** Se ha encontrado una vulnerabilidad clasificada como problemática en Intelbras MHDX 1004, MHDX 1008, MHDX 1016, MHDX 5016, HDCVI 1008 y HDCVI 1016 hasta 20240401. ... Durch Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/netsecfish/intelbras_cap_js https://vuldb.com/?ctiid.258933 https://vuldb.com/?id.258933 https://vuldb.com/?submit.305410 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33111 – Improper Validation of Array Index in Audio
https://notcve.org/view.php?id=CVE-2023-33111
Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2024-bulletin.html • CWE-129: Improper Validation of Array Index •
CVSS: 5.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-3130 – Insecure Data Storage leading to sensitive Information disclosure.
https://notcve.org/view.php?id=CVE-2024-3130
Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app Las credenciales codificadas en la aplicación CoolKit eWeLlink son anteriores a 5.4.x en Android e IOS, lo que permite a un atacante local acceder no autorizado a datos confidenciales a través del algoritmo de descifrado y la clave obtenida después de descompilar la aplicación. • https://ewelink.cc/security-advisories-and-notices • CWE-798: Use of Hard-coded Credentials •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-20055
https://notcve.org/view.php?id=CVE-2024-20055
In imgsys, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/April-2024 •
CVSS: 4.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-20052
https://notcve.org/view.php?id=CVE-2024-20052
In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/April-2024 •