
CVSS: 3.3 • EPSS: % • CPEs: - • EXPL: 0

The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer.

CVSS: 7.5 • EPSS: 0% • CPEs: - • EXPL: 0

An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2 allows attackers to access sensitive data via a crafted request. • https://www.solvait.com https://gist.github.com/walhajri/e03974097d1fd4eb698a6a80931bdd45 • CWE-284: Improper Access Control

CVSS: 6.2 • EPSS: 0% • CPEs: 1 • EXPL: 0

If sensitive data is present in this file, all other local users may be able to view its content. This is because, on Unix-like systems, the system temporary directory is shared between all local users. • https://issues.apache.org/jira/browse/HADOOP-19031 https://lists.apache.org/thread/xlo7q8kn4tsjvx059r789oz19hzgfkfs • CWE-269: Improper Privilege Management

CVSS: 3.3 • EPSS: 0% • CPEs: - • EXPL: 0

BTS is affected by an information disclosure vulnerability where mobile network operator personnel connected over BTS Web Element Manager, regardless of their access privileges, have the possibility to read BTS service operation details performed by Nokia Care service personnel via SSH. • https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-25189 • CWE-863: Incorrect Authorization

CVSS: 3.7 • EPSS: 0% • CPEs: 1 • EXPL: 0

IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. • https://www.ibm.com/support/pages/node/7169766 • CWE-1004: Sensitive Cookie Without 'HttpOnly' Flag