CVSS: 8.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-38206 – Microsoft Copilot Studio Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-38206
An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38206 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7564 – Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7564
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability. • https://www.zerodayinitiative.com/advisories/ZDI-24-1021 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39751 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-39751
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 297429 • https://exchange.xforce.ibmcloud.com/vulnerabilities/297429 https://www.ibm.com/support/pages/node/7160580 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42352 – Server-Side Request Forgery (SSRF) in nuxt-icon
https://notcve.org/view.php?id=CVE-2024-42352
This leads to SSRF, and could potentially lead to sensitive data exposure. • https://github.com/nuxt/icon/security/advisories/GHSA-cxgv-px37-4mp2 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-21978
https://notcve.org/view.php?id=CVE-2024-21978
Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption. • https://https://www.amd.com/en/resources/product-security/bulletin/amd-sb-3011.html • CWE-20: Improper Input Validation •