CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39822 – Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2024-39822
Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24029 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39818 – Zoom Workplace Apps and SDKs - Protection Mechanism Failure
https://notcve.org/view.php?id=CVE-2024-39818
Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24022 • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28799 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-28799
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly during back-end commands which may result in the unexpected disclosure of this information. IBM X-Force ID: 287173. IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configurations, during back-end commands which may result in the unexpected disclosure of this information. IBM X-Force ID: 287173. • https://exchange.xforce.ibmcloud.com/vulnerabilities/287173 https://www.ibm.com/support/pages/node/7165488 • CWE-214: Invocation of Process Using Visible Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25157 – Authentication bypass in GoAnywhere MFT prior to 7.6.0
https://notcve.org/view.php?id=CVE-2024-25157
This could lead to unauthorized information disclosure or modification. • https://www.fortra.com/security/advisories/product-security/fi-2024-009 • CWE-303: Incorrect Implementation of Authentication Algorithm •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-41723 – BIG-IP iControl REST vulnerability
https://notcve.org/view.php?id=CVE-2024-41723
Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. • https://my.f5.com/manage/s/article/K10438187 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •