CVE-2024-8777 – The SYSCOM Group OMFLOW - Information Leakage
https://notcve.org/view.php?id=CVE-2024-8777
OMFLOW from The SYSCOM Group has an information leakage vulnerability, allowing unauthorized remote attackers to read arbitrary system configurations. • https://www.twcert.org.tw/en/cp-139-8072-928a5-2.html https://www.twcert.org.tw/tw/cp-132-8071-46589-1.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-44096
https://notcve.org/view.php?id=CVE-2024-44096
This could lead to local information disclosure with System execution privileges needed. • https://source.android.com/security/bulletin/pixel/2024-09-01 •
CVE-2024-6867 – Information Disclosure in lunary-ai/lunary
https://notcve.org/view.php?id=CVE-2024-6867
An information disclosure vulnerability exists in the lunary-ai/lunary, specifically in the `runs/{run_id}/related` endpoint. • https://github.com/lunary-ai/lunary/commit/35afd4439464571eb016318cd7b6f85a162225ca https://huntr.com/bounties/460df515-164c-4435-954b-0233a181545f • CWE-1220: Insufficient Granularity of Access Control •
CVE-2024-43180 – IBM Concert information disclosure
https://notcve.org/view.php?id=CVE-2024-43180
IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. • https://exchange.xforce.ibmcloud.com/vulnerabilities/351213 https://www.ibm.com/support/pages/node/7168234 • CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute •
CVE-2024-3305 – Information Disclosure in Utarit Information's SoliClub
https://notcve.org/view.php?id=CVE-2024-3305
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Utarit Information SoliClub allows Retrieve Embedded Sensitive Data.This issue affects SoliClub: before 4.4.0 for iOS, before 5.2.1 for Android. • https://www.usom.gov.tr/bildirim/tr-24-1457 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •