CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49351 – IBM Workload Scheduler information disclosure
https://notcve.org/view.php?id=CVE-2024-49351
26 Nov 2024 — IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be read by a local user. IBM Workload Scheduler 9.5, 10.1 y 10.2 almacena las credenciales de usuario en texto plano que puede ser leído por un usuario local. • https://www.ibm.com/support/pages/node/7177061 • CWE-256: Plaintext Storage of a Password •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2020-12491 – Framework Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-12491
25 Nov 2024 — Improper control of framework service permissions with possibility of some sensitive device information leakage. • https://www.vivo.com/en/support/security-advisory-detail?id=11 • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2024-10451 – Org.keycloak:keycloak-quarkus-server: sensitive data exposure in keycloak build process
https://notcve.org/view.php?id=CVE-2024-10451
25 Nov 2024 — This issue occurs because sensitive runtime values, such as passwords, may be captured during the Keycloak build process and embedded as default values in bytecode, leading to unintended information disclosure. • https://access.redhat.com/errata/RHSA-2024:10175 • CWE-798: Use of Hard-coded Credentials •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35160 – IBM Watson Query on Cloud Pak for Data and IBM Db2 Big SQL on Cloud Pak for Data information disclosure
https://notcve.org/view.php?id=CVE-2024-35160
23 Nov 2024 — IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 and IBM Db2 Big SQL on Cloud Pak for Data 7.3, 7.4, 7.5, and 7.6 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. IBM Watson Query on Cloud Pak for Data 1.8, 2.0, 2.1, 2.2 and IBM Db2 Big SQL on Cloud Pak for Data 7.3, 7.4, 7.5, and 7.6 could allow an authenticated user to obtain sensitive information due to insufficient session expiration. • https://www.ibm.com/support/pages/node/7168703 • CWE-613: Insufficient Session Expiration •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0122
https://notcve.org/view.php?id=CVE-2024-0122
22 Nov 2024 — A successful exploit of this vulnerability may lead to partial denial of service and confidential information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5570 • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0138
https://notcve.org/view.php?id=CVE-2024-0138
22 Nov 2024 — A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5595 • CWE-862: Missing Authorization •
CVSS: 5.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-41781 – IBM PowerVM Hypervisor information disclosure
https://notcve.org/view.php?id=CVE-2024-41781
22 Nov 2024 — IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 through FW950.90, FW1030.00 through FW1030.60, FW1050.00 through FW1050.20, and FW1060.00 through FW1060.10 functionality can be compromised if an attacker gains service access to the HMC. An attacker that gains service access to the HMC can locate and through a series of service procedures decrypt data contained in the Platform KeyStore. La funcionalidad de IBM PowerVM Platform KeyStore (IBM PowerVM Hypervisor FW950.00 a FW950.90, FW1030.00 a F... • https://www.ibm.com/support/pages/node/7172698 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43937 – Brocade SANnav Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-43937
21 Nov 2024 — Possible information exposure through log file vulnerability where sensitive fields are recorded in the debug-enabled logs when debugging is turned on in Brocade SANnav before 2.3.0 and 2.2.2a • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22509 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-9486
https://notcve.org/view.php?id=CVE-2018-9486
20 Nov 2024 — This could lead to local information disclosure over bluetooth with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-09-01 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-9485
https://notcve.org/view.php?id=CVE-2018-9485
20 Nov 2024 — This could lead to remote information disclosure over bluetooth with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-09-01 • CWE-125: Out-of-bounds Read •