CVE-2024-34018
https://notcve.org/view.php?id=CVE-2024-34018
Sensitive information disclosure due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-4196 • CWE-276: Incorrect Default Permissions •
CVE-2024-35118 – IBM MaaS360 information disclosure
https://notcve.org/view.php?id=CVE-2024-35118
IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by a user with physical access to the device. • https://www.ibm.com/support/pages/node/7166750 https://exchange.xforce.ibmcloud.com/vulnerabilities/290341 • CWE-798: Use of Hard-coded Credentials •
CVE-2024-38304
https://notcve.org/view.php?id=CVE-2024-38304
A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000228137/dsa-2024-310-security-update-for-dell-poweredge-server-for-access-of-memory-location-after-end-of-buffer-vulnerability • CWE-788: Access of Memory Location After End of Buffer •
CVE-2024-38303
https://notcve.org/view.php?id=CVE-2024-38303
A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000228135/dsa-2024-309-security-update-for-dell-poweredge-server-for-improper-input-validation-vulnerability • CWE-20: Improper Input Validation •
CVE-2024-43990 – WordPress Masterstudy LMS Starter theme <= 1.1.8 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-43990
Insertion of Sensitive Information into Log File vulnerability in StylemixThemes Masterstudy LMS Starter.This issue affects Masterstudy LMS Starter: from n/a through 1.1.8. The Masterstudy - Education WordPress Theme theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.8. • https://patchstack.com/database/vulnerability/ms-lms-starter-theme/wordpress-masterstudy-lms-starter-theme-1-1-8-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •