CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7542 – oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7542
oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. • https://www.zerodayinitiative.com/advisories/ZDI-24-1082 • CWE-457: Use of Uninitialized Variable •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7540 – oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7540
oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability. • https://www.zerodayinitiative.com/advisories/ZDI-24-1080 • CWE-457: Use of Uninitialized Variable •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7537 – oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7537
oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. ... The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • https://www.zerodayinitiative.com/advisories/ZDI-24-1077 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-38321 – IBM Business Automation Workflow information disclosure
https://notcve.org/view.php?id=CVE-2024-38321
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. IBM X-Force ID: 284868. • https://exchange.xforce.ibmcloud.com/vulnerabilities/294868 https://www.ibm.com/support/pages/node/7162334 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42349 – FOG has a Log Information Disclosure
https://notcve.org/view.php?id=CVE-2024-42349
FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.4 and earlier can leak authorized and rejected logins via logs stored directly on the root of the web server. FOG Server creates 2 logs on the root of the web server (fog_login_accepted.log and fog_login_failed.log), exposing the name of the user account used to manage FOG, the IP address of the computer used to login and the User-Agent. This vulnerability is fixed in 1.5.10.47. • https://github.com/FOGProject/fogproject/security/advisories/GHSA-697m-3c4p-g29h • CWE-532: Insertion of Sensitive Information into Log File •