CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20757 – Bridge 2024 TIF File Parsing Out-Of-Bound Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20757
Bridge versions 13.0.5, 14.0.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 13.0.5, 14.0.1 y anteriores de Bridge se ven afectadas por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria confidencial. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. • https://helpx.adobe.com/security/products/bridge/apsb24-15.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23139 – Autodesk FBX Review ABC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-23139
An Out-Of-Bounds Write Vulnerability in Autodesk FBX Review version 1.5.3.0 and prior may lead to code execution or information disclosure through maliciously crafted ActionScript Byte Code “ABC” files. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0005 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 1CVE-2024-22513 – djangorestframework-simplejwt 5.3.1 - Information Disclosure
https://notcve.org/view.php?id=CVE-2024-22513
djangorestframework-simplejwt version 5.3.1 and before is vulnerable to information disclosure. ... Django REST Framework SimpleJWT versions 5.3.1 and below suffer from an information disclosure vulnerability. • https://www.exploit-db.com/exploits/51992 https://github.com/dmdhrumilmistry/CVEs/tree/main/CVE-2024-22513 • CWE-306: Missing Authentication for Critical Function •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-28069
https://notcve.org/view.php?id=CVE-2024-28069
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to access sensitive information and potentially conduct unauthorized actions within the vulnerable component. • https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0001 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2021-38938 – IBM Host Access Transformation Services information disclosure
https://notcve.org/view.php?id=CVE-2021-38938
IBM Host Access Transformation Services (HATS) 9.6 through 9.6.1.4 and 9.7 through 9.7.0.3 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 210989. IBM Host Access Transformation Services (HATS) 9.6 a 9.6.1.4 y 9.7 a 9.7.0.3 almacena las credenciales de usuario en texto sin formato que puede ser leído por un usuario local. ID de IBM X-Force: 210989. • https://exchange.xforce.ibmcloud.com/vulnerabilities/210989 https://www.ibm.com/support/pages/node/6832964 • CWE-522: Insufficiently Protected Credentials •