CVSS: 3.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-30118 – HCL Connections is susceptible to a sensitive information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2024-30118
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to because of improperly handling the request data. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0114302 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-38815
https://notcve.org/view.php?id=CVE-2024-38815
VMware NSX contains a content spoofing vulnerability. An unauthenticated malicious actor may be able to craft a URL and redirect a victim to an attacker controlled domain leading to sensitive information disclosure. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25047 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 2.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-7038 – Information Disclosure in open-webui/open-webui
https://notcve.org/view.php?id=CVE-2024-7038
An information disclosure vulnerability exists in open-webui version 0.3.8. • https://huntr.com/bounties/f42cf72a-8015-44a6-81a9-c6332ef05afc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-9470 – Cortex XSOAR: Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-9470
A vulnerability in Cortex XSOAR allows the disclosure of incident data to users who do not have the privilege to view the data. • https://security.paloaltonetworks.com/CVE-2024-9470 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 7.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-43610 – Copilot Studio Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-43610
Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43610 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •