CVE-2024-37070 – IBM Concert Software information disclosure
https://notcve.org/view.php?id=CVE-2024-37070
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7176346 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVE-2018-9346
https://notcve.org/view.php?id=CVE-2018-9346
In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-06-01 • CWE-908: Use of Uninitialized Resource •
CVE-2018-9345
https://notcve.org/view.php?id=CVE-2018-9345
In BnAudioPolicyService::onTransact of AudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-06-01 • CWE-908: Use of Uninitialized Resource •
CVE-2018-9340
https://notcve.org/view.php?id=CVE-2018-9340
In ResStringPool::setTo of ResourceTypes.cpp, it's possible for an attacker to control the value of mStringPoolSize to be out of bounds, causing information disclosure. • https://source.android.com/security/bulletin/2018-06-01 • CWE-787: Out-of-bounds Write •
CVE-2024-52506 – Graylog can leak other users' reports via concurrent PDF report rendering
https://notcve.org/view.php?id=CVE-2024-52506
This functionality, as included in Graylog 6.1.0 & 6.1.1, is vulnerable to information leakage triggered by multiple concurrent report rendering requests from authorized users. ... This might lead to one user getting the report of a different user, potentially leaking indexed log messages or aggregated data that this user normally has no access to. • https://github.com/Graylog2/graylog2-server/security/advisories/GHSA-vggm-3478-vm5m • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •