CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53291
https://notcve.org/view.php?id=CVE-2024-53291
25 Dec 2024 — Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through Metadata vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000258904/dsa-2024-488-security-update-for-dell-nativeedge-multiple-vulnerabilities • CWE-1230: Exposure of Sensitive Information Through Metadata •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39725 – IBM Engineering Lifecycle Optimization - Engineering Insights information disclosure
https://notcve.org/view.php?id=CVE-2024-39725
25 Dec 2024 — IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7176782 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53961 – ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
https://notcve.org/view.php?id=CVE-2024-53961
23 Dec 2024 — This could lead to the disclosure of sensitive information or the manipulation of system data. • https://helpx.adobe.com/security/products/coldfusion/apsb24-107.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.9EPSS: 0%CPEs: -EXPL: 1CVE-2024-12896 – Intelbras VIP S4320 G2 Web Interface webCapsConfig information disclosure
https://notcve.org/view.php?id=CVE-2024-12896
22 Dec 2024 — The manipulation leads to information disclosure. ... The vendor assesses that "the information disclosed in the URL is not sensitive or poses any risk to the user". ... Durch das Beeinflussen mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://netsecfish.notion.site/IntelBras-IP-Camera-Information-Disclosure-15e6b683e67c80a89f89daf59daa9ea8? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54009
https://notcve.org/view.php?id=CVE-2024-54009
19 Dec 2024 — Remote authentication bypass vulnerability in HPE Alletra Storage MP B10000 in versions prior to version 10.4.5 could be remotely exploited to allow disclosure of information. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbst04764en_us&docLocale=en_US • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-52897 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2024-52897
19 Dec 2024 — IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. IBM MQ Appliance 9.3 LTS, 9.3 CD, and 9.4 LTS web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. IBM MQ 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed te... • https://www.ibm.com/support/pages/node/7178086 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2024-52896 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2024-52896
19 Dec 2024 — IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. IBM MQ 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. • https://www.ibm.com/support/pages/node/7178244 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12569 – Sensitive Information in Driver’s Log File
https://notcve.org/view.php?id=CVE-2024-12569
19 Dec 2024 — Disclosure of sensitive information in HikVision camera driver's log file in XProtect Device Pack allows an attacker to read camera credentials stored in the Recording Server under specific conditions. Disclosure of sensitive information in a Milestone XProtect Device Pack driver’s log file for third-party cameras, allows an attacker to read camera credentials stored in the Recording Server under specific conditions. Disclosure of sensitive information in a Milestone XProt... • https://supportcommunity.milestonesys.com/KBRedir?art=000067740&lang=en_US • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-4230
https://notcve.org/view.php?id=CVE-2024-4230
19 Dec 2024 — External Control of File Name or Path vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute an arbitrary malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition. • https://jvn.jp/vu/JVNVU92857077/index.html • CWE-73: External Control of File Name or Path •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-4229
https://notcve.org/view.php?id=CVE-2024-4229
19 Dec 2024 — Incorrect Default Permissions vulnerability in Edgecross Basic Software for Windows versions 1.00 and later and Edgecross Basic Software for Developers versions 1.00 and later allows a malicious local attacker to execute an arbitrary malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than a folder that only users with administrative privilege have permission to modify. • https://jvn.jp/vu/JVNVU92857077/index.html • CWE-276: Incorrect Default Permissions •