CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51460 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-51460
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7177698 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 3.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23472 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-23472
IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/6988167 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 2.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37395 – IBM Aspera Faspex information disclosure
https://notcve.org/view.php?id=CVE-2023-37395
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data. • https://www.ibm.com/support/pages/node/7148632 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35117 – IBM OpenPages information disclosure
https://notcve.org/view.php?id=CVE-2024-35117
IBM OpenPages with Watson 9.0 may write sensitive information, under specific configurations, in clear text to the system tracing log files that could be obtained by a privileged user. • https://www.ibm.com/support/pages/node/7165392 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-12548 – Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-12548
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files.The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. •