CVSS: 6.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-27363
https://notcve.org/view.php?id=CVE-2024-27363
A vulnerability was discovered in Samsung Mobile Processor Exynos 850, Exynos 9610, Exynos 980, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, and Exynos W930 where it does not properly check a pointer address, which can lead to a Information disclosure. • https://semiconductor.samsung.com/support/quality-support/product-security-updates https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-27363 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-1287 – Paid Memberships Pro - Member Directory Add On < 1.2.6 - Contributor+ Sensitive Information Disclosure and SQLi
https://notcve.org/view.php?id=CVE-2024-1287
This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive user meta data, including password hashes. • https://wpscan.com/vulnerability/169e5756-4e12-4add-82e9-47471c30f08c • CWE-202: Exposure of Sensitive Information Through Data Queries CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 4.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-27362
https://notcve.org/view.php?id=CVE-2024-27362
A vulnerability was discovered in Samsung Mobile Processors Exynos 1280, Exynos 2200, Exynos 1330, Exynos 1380, and Exynos 2400 where they do not properly check the length of the data, which can lead to a Information disclosure. • https://semiconductor.samsung.com/support/quality-support/product-security-updates https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-27362 •
CVSS: 2.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38372 – Undici vulnerable to data leak when using response.arrayBuffer()
https://notcve.org/view.php?id=CVE-2024-38372
Undici is an HTTP/1.1 client, written from scratch for Node.js. Depending on network and process conditions of a `fetch()` request, `response.arrayBuffer()` might include portion of memory from the Node.js process. This has been patched in v6.19.2. Undici es un cliente HTTP/1.1, escrito desde cero para Node.js. Dependiendo de las condiciones de la red y del proceso de una solicitud `fetch()`, `response.arrayBuffer()` podría incluir parte de la memoria del proceso Node.js. • https://github.com/nodejs/undici/commit/f979ec3204ca489abf30e7d20e9fee9ea7711d36 https://github.com/nodejs/undici/issues/3328 https://github.com/nodejs/undici/issues/3337 https://github.com/nodejs/undici/pull/3338 https://github.com/nodejs/undici/security/advisories/GHSA-3g92-w8c5-73pq • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-23562 – HCL Domino is susceptible to an information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2024-23562
This vulnerability is being re-assessed. Vulnerability details will be updated. The security bulletin will be republished when further details are available. Una vulnerabilidad de seguridad en HCL Domino podría permitir la divulgación de información de configuración confidencial. Un atacante remoto no autenticado podría aprovechar esta vulnerabilidad para obtener información y lanzar más ataques contra el sistema afectado. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113822 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •