CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20122
https://notcve.org/view.php?id=CVE-2024-20122
04 Nov 2024 — This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-20117
https://notcve.org/view.php?id=CVE-2024-20117
04 Nov 2024 — This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-125: Out-of-bounds Read •
CVSS: 6.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-20107
https://notcve.org/view.php?id=CVE-2024-20107
04 Nov 2024 — This could lead to local information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/November-2024 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41741 – IBM TXSeries for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2024-41741
01 Nov 2024 — IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to an observable timing discrepancy which could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7174572 • CWE-208: Observable Timing Discrepancy •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41738 – IBM TXSeries for Multiplatforms information disclosure
https://notcve.org/view.php?id=CVE-2024-41738
01 Nov 2024 — IBM TXSeries for Multiplatforms 10.1 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques. • https://www.ibm.com/support/pages/node/7174572 • CWE-598: Use of GET Request Method With Sensitive Query Strings •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-0106
https://notcve.org/view.php?id=CVE-2024-0106
01 Nov 2024 — A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5562 • CWE-274: Improper Handling of Insufficient Privileges •
CVSS: 8.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-0105
https://notcve.org/view.php?id=CVE-2024-0105
01 Nov 2024 — A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5562 • CWE-274: Improper Handling of Insufficient Privileges •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-48352
https://notcve.org/view.php?id=CVE-2024-48352
01 Nov 2024 — Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server response via sending HTTP request with enterprise ID. • http://yealink.com • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33603
https://notcve.org/view.php?id=CVE-2024-33603
30 Oct 2024 — The LevelOne WBR-6012 router has an information disclosure vulnerability in its web application, which allows unauthenticated users to access a verbose system log page and obtain sensitive data, such as memory addresses and IP addresses for login attempts. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1985 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-33626
https://notcve.org/view.php?id=CVE-2024-33626
30 Oct 2024 — The LevelOne WBR-6012 router contains a vulnerability within its web application that allows unauthenticated disclosure of sensitive information, such as the WiFi WPS PIN, through a hidden page accessible by an HTTP request. Disclosure of this information could enable attackers to connect to the device's WiFi network. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1986 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •