CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2024-57908 – iio: imu: kmx61: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57908
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is u... • https://git.kernel.org/stable/c/c3a23ecc0901f624b681bbfbc4829766c5aa3070 •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2024-57907 – iio: adc: rockchip_saradc: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57907
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data'... • https://git.kernel.org/stable/c/4e130dc7b41348b13684f0758c26cc6cf72a3449 •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2024-57906 – iio: adc: ti-ads8688: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57906
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local ... • https://git.kernel.org/stable/c/26aa12ef64ee997d293659bbf645c6df99fb73e5 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-57905 – iio: adc: ti-ads1119: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57905
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1119: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it has a hole between the sample (unsigned int) and the timestamp. In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1119: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a t... • https://git.kernel.org/stable/c/a9306887eba41c5fe7232727a8147da3d3c4f83c •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45653 – IBM Sterling Connect:Direct Web Services information disclosure
https://notcve.org/view.php?id=CVE-2024-45653
19 Jan 2025 — IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7174104 • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47106 – IBM Jazz for Service Management information disclosure
https://notcve.org/view.php?id=CVE-2024-47106
18 Jan 2025 — IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain sensitive information from improper access restrictions that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7178507 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49354 – IBM Concert information disclosure
https://notcve.org/view.php?id=CVE-2024-49354
18 Jan 2025 — IBM Concert 1.0.0, 1.0.1, and 1.0.2 is vulnerable to sensitive information disclosure through specially crafted API Calls. • https://www.ibm.com/support/pages/node/7174120 • CWE-213: Exposure of Sensitive Information Due to Incompatible Policies •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49338 – IBM App Connect Enterprise information disclosure
https://notcve.org/view.php?id=CVE-2024-49338
18 Jan 2025 — IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations could allow a privileged user to obtain JMS credentials. • https://www.ibm.com/support/pages/node/7175396 • CWE-1323: Improper Management of Sensitive Trace Data •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11923 – Sensitive Information Disclosure in Fortra Application Hub Prior to version 1.3
https://notcve.org/view.php?id=CVE-2024-11923
17 Jan 2025 — Under certain log settings the IAM or CORE service will log credentials in the iam logfile in Fortra Application Hub (Formerly named Helpsystems One) prior to version 1.3 Under certain log settings the IAM or CORE service will log credentials in the iam logfile in Fortra Application Hub (Formerly named Helpsystems One) prior to version 1.3 • https://www.fortra.com/security/advisories/product-security/fi-2025-003 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9379
https://notcve.org/view.php?id=CVE-2018-9379
17 Jan 2025 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2018-06-01 •