CVSS: 5.7EPSS: 0%CPEs: 4EXPL: 0CVE-2024-9539
https://notcve.org/view.php?id=CVE-2024-9539
An information disclosure vulnerability was identified in GitHub Enterprise Server via attacker uploaded asset URL allowing the attacker to retrieve metadata information of a user who clicks on the URL and further exploit it to create a convincing phishing page. • https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.16 https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.10 https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.5 https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5474
https://notcve.org/view.php?id=CVE-2024-5474
A potential information disclosure vulnerability was reported in Lenovo's packaging of Dolby Vision Provisioning software prior to version 2.0.0.2 that could allow a local attacker to read files on the system with elevated privileges during installation of the package. • https://support.lenovo.com/us/en/product_security/LEN-158394 • CWE-276: Incorrect Default Permissions •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8530 – Schneider Electric EcoStruxure Data Center Expert Missing Authentication Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-8530
The vulnerability allows remote attackers to disclose sensitive information on affected installations of Schneider Electric EcoStruxure Data Center Expert. ... An attacker can leverage this vulnerability to disclose sensitive information, leading to further compromise. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-282-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-282-01.pdf • CWE-306: Missing Authentication for Critical Function •
CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-9749 – Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9749
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. •
CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-9752 – Tungsten Automation Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9752
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. •