CVSS: 6.1EPSS: 0%CPEs: 53EXPL: 0CVE-2024-33037 – Buffer Over-read in Neural Processing Unit
https://notcve.org/view.php?id=CVE-2024-33037
02 Dec 2024 — Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-10490 – Authentication bypass flaw in several mapp components
https://notcve.org/view.php?id=CVE-2024-10490
02 Dec 2024 — An “Authentication Bypass Using an Alternate Path or Channel” vulnerability in the OPC UA Server configuration required for B&R mapp Cockpit before 6.0, B&R mapp View before 6.0, B&R mapp Services before 6.0, B&R mapp Motion before 6.0 and B&R mapp Vision before 6.0 may be used by an unauthenticated network-based attacker to cause information disclosure, unintended change of data, or denial of service conditions. An “Authentication Bypass Using an Alternate Path or Channel” vulnerability in th... • https://www.br-automation.com/fileadmin/SA22P014-90c4aa35.pdf • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2024-20138
https://notcve.org/view.php?id=CVE-2024-20138
02 Dec 2024 — This could lead to remote information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20116
https://notcve.org/view.php?id=CVE-2024-20116
02 Dec 2024 — This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •
CVSS: 6.2EPSS: 0%CPEs: 29EXPL: 0CVE-2024-20136
https://notcve.org/view.php?id=CVE-2024-20136
02 Dec 2024 — This could lead to local information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-51769 – Hewlett Packard Enterprise AutoPass License Server SQL Injection Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-51769
02 Dec 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-51770 – Hewlett Packard Enterprise AutoPass License Server XML External Entity Processing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-51770
02 Dec 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53804 – WordPress WP Mailster plugin <= 1.8.16.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-53804
02 Dec 2024 — Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.16.0. The WP Mailster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.16.0. • https://patchstack.com/database/wordpress/plugin/wp-mailster/vulnerability/wordpress-wp-mailster-plugin-1-8-16-0-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-11961 – Guangzhou Huayi Intelligent Technology Jeewms WmOmNoticeHController.java preHandle information disclosure
https://notcve.org/view.php?id=CVE-2024-11961
28 Nov 2024 — The manipulation of the argument request leads to information disclosure. ... The vendor was contacted early about this disclosure but did not respond in any way. ... Mit der Manipulation des Arguments request mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/dycccccccc/JEEWMS/blob/main/JEEWMS%20Shipper%20Information%20Leakage.docx • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 6.2EPSS: 0%CPEs: 7EXPL: 0CVE-2018-9377
https://notcve.org/view.php?id=CVE-2018-9377
28 Nov 2024 — In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. In BnAudioPolicyService::onTransact of IAudioPolicyService.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. This could lead to local information disclosure with no additional execution privileges need... • https://source.android.com/docs/security/bulletin/pixel/2018-06-01 • CWE-908: Use of Uninitialized Resource •