CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2022-30354
https://notcve.org/view.php?id=CVE-2022-30354
OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserWithTeam. • https://cve.offsecguy.com/ovaledge/vulnerabilities/sensitive-data-exposure#cve-2022-30354 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0CVE-2022-30359
https://notcve.org/view.php?id=CVE-2022-30359
OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserList. • https://cve.offsecguy.com/ovaledge/vulnerabilities/sensitive-data-exposure#cve-2022-30359 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2022-30361
https://notcve.org/view.php?id=CVE-2022-30361
OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserType. • https://cve.offsecguy.com/ovaledge/vulnerabilities/sensitive-data-exposure#cve-2022-30361 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49357 – ZimaOS (Installed Applications and System Information) has Unauthorized Sensitive Data Leak
https://notcve.org/view.php?id=CVE-2024-49357
This sensitive data leak can be exploited by attackers to gain detailed knowledge about the system setup, installed applications, and other critical information. • https://github.com/IceWhaleTech/ZimaOS/security/advisories/GHSA-hg2h-q5h6-r5c4 https://youtu.be/H_WoqzM-9Cc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-38314 – IBM Maximo Application Suite - Monitor Component information disclosure
https://notcve.org/view.php?id=CVE-2024-38314
IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information in the form of the hard-coded cryptographic key to an attacker that has compromised environment. • https://www.ibm.com/support/pages/node/7173988 • CWE-321: Use of Hard-coded Cryptographic Key •