CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47169 – Agnai vulnerable to Remote Code Execution via JS Upload using Directory Traversal
https://notcve.org/view.php?id=CVE-2024-47169
26 Sep 2024 — This issue could result in unauthorized access, full server compromise, data leakage, and other critical security threats. • https://github.com/agnaistic/agnai/security/advisories/GHSA-mpch-89gm-hm83 • CWE-35: Path Traversal: '.../...//' CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31899 – IBM Cognos Command Center information disclosure
https://notcve.org/view.php?id=CVE-2024-31899
26 Sep 2024 — IBM Cognos Command Center 10.2.4.1 and 10.2.5 could disclose highly sensitive user information to an authenticated user with physical access to the device. • https://www.ibm.com/support/pages/node/7149734 • CWE-256: Plaintext Storage of a Password •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46175 – IBM Cloud Pak for Multicloud Management information disclosure
https://notcve.org/view.php?id=CVE-2023-46175
26 Sep 2024 — IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file plain clear text which can be read by a privileged user. • https://www.ibm.com/support/pages/node/7170411 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2024-4278 – Incorrect Synchronization in GitLab
https://notcve.org/view.php?id=CVE-2024-4278
26 Sep 2024 — An information disclosure issue has been discovered in GitLab EE affecting all versions starting from 16.5 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. • https://gitlab.com/gitlab-org/gitlab/-/issues/458484 • CWE-821: Incorrect Synchronization •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 2CVE-2024-0132
https://notcve.org/view.php?id=CVE-2024-0132
26 Sep 2024 — A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://github.com/ssst0n3/poc-cve-2024-0132 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44860
https://notcve.org/view.php?id=CVE-2024-44860
26 Sep 2024 — An information disclosure vulnerability in the /Letter/PrintQr/ endpoint of Solvait v24.4.2 allows attackers to access sensitive data via a crafted request. • https://www.solvait.com • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9252 – Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9252
26 Sep 2024 — Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. • https://www.foxit.com/support/security-bulletins.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9251 – Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9251
26 Sep 2024 — Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. • https://www.foxit.com/support/security-bulletins.html • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9253 – Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9253
26 Sep 2024 — Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. • https://www.foxit.com/support/security-bulletins.html • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9246 – Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9246
26 Sep 2024 — Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. • https://www.foxit.com/support/security-bulletins.html • CWE-125: Out-of-bounds Read •