CVSS: 8.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-38206 – Microsoft Copilot Studio Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-38206
An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38206 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7564 – Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7564
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Logsign Unified SecOps Platform. ... An attacker can leverage this vulnerability to disclose information in the context of root. • https://www.zerodayinitiative.com/advisories/ZDI-24-1021 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39751 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-39751
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://exchange.xforce.ibmcloud.com/vulnerabilities/297429 https://www.ibm.com/support/pages/node/7160580 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42352 – Server-Side Request Forgery (SSRF) in nuxt-icon
https://notcve.org/view.php?id=CVE-2024-42352
This leads to SSRF, and could potentially lead to sensitive data exposure. • https://github.com/nuxt/icon/security/advisories/GHSA-cxgv-px37-4mp2 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-21978
https://notcve.org/view.php?id=CVE-2024-21978
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption. • https://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3011.html • CWE-20: Improper Input Validation •