CVE-2024-21164 – Oracle VirtualBox EHCI USB Controller Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21164
Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. ... The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • https://www.oracle.com/security-alerts/cpujul2024.html •
CVE-2024-6395 – GitHub Enterprise Server Information Disclosure Vulnerability Exposes Private Repository Names via Deploy Keys
https://notcve.org/view.php?id=CVE-2024-6395
An exposure of sensitive information vulnerability in GitHub Enterprise Server would allow an attacker to enumerate the names of private repositories that utilize deploy keys. This vulnerability did not allow unauthorized access to any repository content besides the name. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in versions 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17. This vulnerability was reported via the GitHub Bug Bounty program. • https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.12 https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.6 https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.17 https://help.github.com/enterprise-server@3.10/admin/release-notes#3.10.15 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-6336 – Security misconfiguration was identified in GitHub Enterprise Server that allowed sensitive data exposure
https://notcve.org/view.php?id=CVE-2024-6336
A Security Misconfiguration vulnerability in GitHub Enterprise Server allowed sensitive information disclosure to unauthorized users in GitHub Enterprise Server by exploiting organization ruleset feature. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.15 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.12 https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.6 https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.17 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2020-25836 – Potential information leakage resulting in unauthorized access
https://notcve.org/view.php?id=CVE-2020-25836
Exposure of Sensitive Information to an Unauthorized Access vulnerability in OpenText NetIQ Directory and Resource Administrator. This issue affects NetIQ Directory and Resource Administrator versions prior to 10.0.2 and prior to 9.2.1 Patch 10. • https://www.netiq.com/documentation/directory-and-resource-administrator-10/releasenotes_10.0.2/data/releasenotes_10.0.2.html#b149h4pv • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2022-45449
https://notcve.org/view.php?id=CVE-2022-45449
Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. • https://security-advisory.acronis.com/advisories/SEC-5279 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •