CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-39747 – IBM Sterling Connect:Direct Web Services information disclosure
https://notcve.org/view.php?id=CVE-2024-39747
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality. • https://exchange.xforce.ibmcloud.com/vulnerabilities/297314 https://www.ibm.com/support/pages/node/7166947 • CWE-1392: Use of Default Credentials •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-34018
https://notcve.org/view.php?id=CVE-2024-34018
Sensitive information disclosure due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-4196 • CWE-276: Incorrect Default Permissions •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35118 – IBM MaaS360 information disclosure
https://notcve.org/view.php?id=CVE-2024-35118
IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by a user with physical access to the device. • https://www.ibm.com/support/pages/node/7166750 https://exchange.xforce.ibmcloud.com/vulnerabilities/290341 • CWE-798: Use of Hard-coded Credentials •
CVSS: 3.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38304
https://notcve.org/view.php?id=CVE-2024-38304
A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000228137/dsa-2024-310-security-update-for-dell-poweredge-server-for-access-of-memory-location-after-end-of-buffer-vulnerability • CWE-788: Access of Memory Location After End of Buffer •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-38303
https://notcve.org/view.php?id=CVE-2024-38303
A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability • CWE-20: Improper Input Validation •