CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-10465 – firefox: thunderbird: Clipboard "paste" button persisted across tabs
https://notcve.org/view.php?id=CVE-2024-10465
29 Oct 2024 — Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing or information disclosure. • https://bugzilla.mozilla.org/show_bug.cgi?id=1918853 • CWE-20: Improper Input Validation CWE-290: Authentication Bypass by Spoofing •
CVSS: 6.4EPSS: 0%CPEs: 31EXPL: 0CVE-2024-10461 – firefox: thunderbird: XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response
https://notcve.org/view.php?id=CVE-2024-10461
29 Oct 2024 — Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, cross-site scripting, spoofing or information disclosure. • https://bugzilla.mozilla.org/show_bug.cgi?id=1914521 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-50076 – vt: prevent kernel-infoleak in con_font_get()
https://notcve.org/view.php?id=CVE-2024-50076
29 Oct 2024 — In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in con_font_get() font.data may not initialize all memory spaces depending on the implementation of vc->vc_sw->con_font_get. In the Linux kernel, the following vulnerability has been resolved: vt: prevent kernel-infoleak in con_font_get() font.data may not initialize all memory spaces depending on the implementation of vc->vc_sw->con_font_get. This may cause info-leak, so... • https://git.kernel.org/stable/c/05e2600cb0a4d73b0779cf29512819616252aeeb •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30106 – HCL Connections is vulnerable to an information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2024-30106
28 Oct 2024 — HCL Connections is vulnerable to an information disclosure vulnerability, due to an IBM WebSphere Application Server error, which could allow a user to obtain sensitive information they are not entitled to due to the improper handling of request data. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0116967 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44237 – Apple macOS ICC Profile Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-44237
28 Oct 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. ... An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121568 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-44283 – Apple macOS ICC Profile Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-44283
28 Oct 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. ... An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121568 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-44240 – Apple macOS CoreText Font Ligature Caret List Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-44240
28 Oct 2024 — Processing a maliciously crafted font may result in the disclosure of process memory. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. ... An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabiliti... • https://support.apple.com/en-us/121563 •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-44282 – Apple macOS CoreFoundation Font Glyphs Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-44282
28 Oct 2024 — Parsing a file may lead to disclosure of user information. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. ... An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121563 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2024-44302 – Apple macOS CoreText Font Ligature Caret List Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-44302
28 Oct 2024 — Processing a maliciously crafted font may result in the disclosure of process memory. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. ... An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabiliti... • https://support.apple.com/en-us/121563 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-44215 – Apple macOS ImageIO JP2 Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-44215
28 Oct 2024 — Processing an image may result in disclosure of process memory. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. ... An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. macOS Sonoma 14.7.1 addresses buffer overflow, bypass, information leakage, out of bounds access, out of bounds read, and out of bounds write vulnerabilities. • https://support.apple.com/en-us/121563 •