CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-46979 – Data leak of notification filters of users in XWiki Platform
https://notcve.org/view.php?id=CVE-2024-46979
18 Sep 2024 — The filters do not provide much information (they mainly contain references which are public data in XWiki), though some info could be used in combination with other vulnerabilities. • https://github.com/xwiki/xwiki-platform/commit/c8c6545f9bde6f5aade994aa5b5903a67b5c2582 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46987 – Arbitrary path traversal in Camaleon CMS
https://notcve.org/view.php?id=CVE-2024-46987
18 Sep 2024 — This issue may lead to Information Disclosure. • https://codeql.github.com/codeql-query-help/ruby/rb-path-injection • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-25776 – Sensitive Data Exposure due to inadequate user permission settings
https://notcve.org/view.php?id=CVE-2022-25776
18 Sep 2024 — Prior to the patched version, logged in users of Mautic are able to access areas of the application that they should be prevented from accessing. Users could potentially access sensitive data such as names and surnames, company names and stage names. • https://github.com/mautic/mautic/security/advisories/GHSA-qjx3-2g35-6hv8 • CWE-276: Incorrect Default Permissions •
CVSS: 3.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46794 – x86/tdx: Fix data leak in mmio_read()
https://notcve.org/view.php?id=CVE-2024-46794
18 Sep 2024 — In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmio_read() The mmio_read() function makes a TDVMCALL to retrieve MMIO data for an address from the VMM. ... Do not send the original value of *val to the VMM. [ dhansen: clarify what 'val' is used for. ] In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix data leak in mmio_read() The mmio_read() function makes a TDVMCALL to retrieve MMIO data for an address ... • https://git.kernel.org/stable/c/31d58c4e557d46fa7f8557714250fb6f89c941ae •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-39339
https://notcve.org/view.php?id=CVE-2024-39339
18 Sep 2024 — This misconfiguration can lead to information disclosure, leaking sensitive details such as diagnostic log traces, system logs, headunit passwords, and personally identifiable information (PII). The exposure of such information may have serious implications for user privacy and system integrity. • https://docs.google.com/document/d/1S-d8zyZreYYGSIr4zGww6F2iBfD63v10Z3YVbGnp2es/edit?usp=sharing • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-37985 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-37985
17 Sep 2024 — Windows Kernel Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-37985 • CWE-1037: Processor Optimization Removal or Modification of Security-critical Code •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8909 – Debian Security Advisory 5773-1
https://notcve.org/view.php?id=CVE-2024-8909
17 Sep 2024 — (Chromium security severity: Low) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8908 – Debian Security Advisory 5773-1
https://notcve.org/view.php?id=CVE-2024-8908
17 Sep 2024 — (Chromium security severity: Low) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8907 – Debian Security Advisory 5773-1
https://notcve.org/view.php?id=CVE-2024-8907
17 Sep 2024 — (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8906 – Debian Security Advisory 5773-1
https://notcve.org/view.php?id=CVE-2024-8906
17 Sep 2024 — (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html •