CVE-2024-9761 – Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9761
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. • https://www.zerodayinitiative.com/advisories/ZDI-24-1366 • CWE-125: Out-of-bounds Read •
CVE-2024-6747 – Information leak in mknotifyd
https://notcve.org/view.php?id=CVE-2024-6747
Information leakage in mknotifyd in Checkmk before 2.3.0p18, 2.2.0p36, 2.1.0p49 and in 2.0.0p39 (EOL) allows attacker to get potentially sensitive data La fuga de información en mknotifyd en Checkmk anterior a 2.3.0p18, 2.2.0p36, 2.1.0p49 y en 2.0.0p39 (EOL) permite a un atacante obtener datos potencialmente confidenciales • https://checkmk.com/werk/17145 • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVE-2024-30118 – HCL Connections is susceptible to a sensitive information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2024-30118
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to because of improperly handling the request data. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0114302 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-38815
https://notcve.org/view.php?id=CVE-2024-38815
VMware NSX contains a content spoofing vulnerability. An unauthenticated malicious actor may be able to craft a URL and redirect a victim to an attacker controlled domain leading to sensitive information disclosure. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25047 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-7038 – Information Disclosure in open-webui/open-webui
https://notcve.org/view.php?id=CVE-2024-7038
An information disclosure vulnerability exists in open-webui version 0.3.8. ... This behavior allows an attacker to enumerate file names and traverse directories by observing the error messages, leading to potential exposure of sensitive information. • https://huntr.com/bounties/f42cf72a-8015-44a6-81a9-c6332ef05afc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-209: Generation of Error Message Containing Sensitive Information •