CVE-2024-48016
https://notcve.org/view.php?id=CVE-2024-48016
A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000237211/dsa-2024-407-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2024-49399 – Missing Authentication for Critical Function in Elvaco M-Bus Metering Gateway CMe3100
https://notcve.org/view.php?id=CVE-2024-49399
The affected product is vulnerable to an attacker being able to use commands without providing a password which may allow an attacker to leak information. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-01 • CWE-306: Missing Authentication for Critical Function •
CVE-2024-49580
https://notcve.org/view.php?id=CVE-2024-49580
In JetBrains Ktor before 3.0.0 improper caching in HttpCache Plugin could lead to response information disclosure • https://www.jetbrains.com/privacy-security/issues-fixed • CWE-524: Use of Cache Containing Sensitive Information •
CVE-2024-45713 – SolarWinds Kiwi CatTools Sensitive Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-45713
SolarWinds Kiwi CatTools is susceptible to a sensitive data disclosure vulnerability when a non-default setting has been enabled for troubleshooting purposes. • https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45713 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVE-2024-49386
https://notcve.org/view.php?id=CVE-2024-49386
Sensitive information disclosure due to spell-jacking. • https://security-advisory.acronis.com/advisories/SEC-5129 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •