CVE-2024-10240 – Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab
https://notcve.org/view.php?id=CVE-2024-10240
An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7, all versions starting from 17.4 before 17.4.4, all versions starting from 17.5 before 17.5.2 in which an unauthenticated user may be able to read some information about an MR in a private project, under certain circumstances. • https://about.gitlab.com/releases/2024/11/13/patch-release-gitlab-17-5-2-released/#information-disclosure-through-an-api-endpoint https://gitlab.com/gitlab-org/gitlab/-/issues/493188 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVE-2017-18307 – Information Exposure in Kernel
https://notcve.org/view.php?id=CVE-2017-18307
Information disclosure possible while audio playback. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-18306 – Information Exposure in Camera Driver
https://notcve.org/view.php?id=CVE-2017-18306
Information disclosure due to uninitialized variable. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-49351 – IBM Workload Scheduler information disclosure
https://notcve.org/view.php?id=CVE-2024-49351
IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be read by a local user. IBM Workload Scheduler 9.5, 10.1 y 10.2 almacena las credenciales de usuario en texto plano que puede ser leído por un usuario local. • https://www.ibm.com/support/pages/node/7177061 • CWE-256: Plaintext Storage of a Password •
CVE-2020-12491 – Framework Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-12491
Improper control of framework service permissions with possibility of some sensitive device information leakage. • https://www.vivo.com/en/support/security-advisory-detail?id=11 • CWE-306: Missing Authentication for Critical Function •