CVE-2024-9470 – Cortex XSOAR: Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9470
A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have the privilege to view the data. • https://security.paloaltonetworks.com/CVE-2024-9470 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVE-2024-43610 – Copilot Studio Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-43610
Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43610 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-47671 – USB: usbtmc: prevent kernel-usb-infoleak
https://notcve.org/view.php?id=CVE-2024-47671
In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: prevent kernel-usb-infoleak The syzbot reported a kernel-usb-infoleak in usbtmc_write, we need to clear the structure before filling fields. • https://git.kernel.org/stable/c/4ddc645f40e90fa3bc7af3a3f3bd7d29e671a775 https://git.kernel.org/stable/c/fa652318887da530f2f9dbd9b0ea4a087d05ee12 https://git.kernel.org/stable/c/16e0ab9ed3ae7d19ca8ee718ba4e09d5c0f909ca https://git.kernel.org/stable/c/0c927dfc0b9bd177f7ab6ee59ef0c4ea06c110a7 https://git.kernel.org/stable/c/ba6269e187aa1b1f20faf3c458831a0d6350304b https://git.kernel.org/stable/c/51297ef7ad7824ad577337f273cd092e81a9fa08 https://git.kernel.org/stable/c/e872738e670ddd63e19f22d0d784f0bdf26ecba5 https://git.kernel.org/stable/c/6c7fc36da021b13c34c572a26ba336cd1 •
CVE-2024-39586
https://notcve.org/view.php?id=CVE-2024-39586
An adjacent high privileged attacker could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000234216/dsa-2024-420-security-update-for-dell-emc-appsync-for-multiple-vulnerabilities • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2024-48024 – WordPress Keep Backup Daily plugin <=2.0.7 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-48024
: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Fahad Mahmood Keep Backup Daily allows Retrieve Embedded Sensitive Data.This issue affects Keep Backup Daily: from n/a through 2.0.7. The Keep Backup Daily plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.8. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/keep-backup-daily/wordpress-keep-backup-daily-plugin-2-0-7-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •