CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44408
https://notcve.org/view.php?id=CVE-2024-44408
06 Sep 2024 — D-Link DIR-823G v1.0.2B05_20181207 is vulnerable to Information Disclosure. • https://github.com/lonelylonglong/openfile-/blob/main/DIR-823G.md/DIR-823G.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45096 – IBM Aspera Faspex information disclosure
https://notcve.org/view.php?id=CVE-2024-45096
05 Sep 2024 — IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing. • https://www.ibm.com/support/pages/node/7167255 • CWE-548: Exposure of Information Through Directory Listing •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 1CVE-2024-8461 – D-Link DNS-320 Web Management Interface discovery.cgi information disclosure
https://notcve.org/view.php?id=CVE-2024-8461
05 Sep 2024 — The manipulation leads to information disclosure. ... Durch Beeinflussen mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/leetsun/IoT-Vuls/tree/main/Dlink-dns320/4 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 1CVE-2024-8460 – D-Link DNS-320 Web Management Interface widget_api.cgi information disclosure
https://notcve.org/view.php?id=CVE-2024-8460
05 Sep 2024 — The manipulation of the argument getHD/getSer/getSys leads to information disclosure. ... Durch das Beeinflussen des Arguments getHD/getSer/getSys mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/leetsun/IoT-Vuls/tree/main/Dlink-dns320/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45107 – ZDI-CAN-24186: Adobe Acrobat Reader DC Doc Object Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-45107
05 Sep 2024 — Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. • https://helpx.adobe.com/security/products/acrobat/apsb24-57.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-45175 – C-MOR Video Surveillance 5.2401 / 6.00PL01 Information Disclosure / Cleartext Secret
https://notcve.org/view.php?id=CVE-2024-45175
05 Sep 2024 — Sensitive information is stored in cleartext. It was found out that sensitive information, for example login credentials of cameras, is stored in cleartext. ... C-MOR Video Surveillance versions 5.2401 and 6.00PL01 stores sensitive information, such as credentials, in clear text. • https://packetstorm.news/files/id/181383 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-44972 – btrfs: do not clear page dirty inside extent_write_locked_range()
https://notcve.org/view.php?id=CVE-2024-44972
04 Sep 2024 — > btrfs_direct_write: r/i=5/259 start dio filepos=696320 len=102400 Then direct IO writ ---truncated--- In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clear page dirty inside extent_write_locked_range() [BUG] For subpage + zoned case, the following workload can lead to rsv data leak at unmount time: # mkfs.btrfs -f -s 4k $dev # mount $dev $mnt # fsstress -w -n 8 -d $mnt -s 1709539240 0/0: fiemap - no filename 0/1: copyrange read - no filename 0/2: write - no ... • https://git.kernel.org/stable/c/ba4dedb71356638d8284e34724daca944be70368 •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2024-20503 – Cisco Duo Epic for Hyperdrive Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20503
04 Sep 2024 — A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to view sensitive information in cleartext on an affected system. ... A successful exploit could allow the attacker to view sensitive information in cleartext. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-epic-info-sdLv6h8y •
CVSS: 7.8EPSS: 4%CPEs: 3EXPL: 0CVE-2024-20440 – Cisco Smart Licensing Utility Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20440
04 Sep 2024 — A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to access sensitive information. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-44820
https://notcve.org/view.php?id=CVE-2024-44820
04 Sep 2024 — A sensitive information disclosure vulnerability exists in ZZCMS v.2023 and before within the eginfo.php file located at /3/E_bak5.1/upload/. When accessed with the query parameter phome=ShowPHPInfo, the application executes the phpinfo() function, which exposes detailed information about the PHP environment, including server configuration, loaded modules, and environment variables. • https://github.com/gkdgkd123/codeAudit/blob/main/CVE-2024-44820%20ZZCMS2023%20phpinfo%E6%B3%84%E9%9C%B2.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •