CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39824 – Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2024-39824
14 Aug 2024 — Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24030 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39823 – Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2024-39823
14 Aug 2024 — Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24030 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39822 – Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2024-39822
14 Aug 2024 — Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24029 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39818 – Zoom Workplace Apps and SDKs - Protection Mechanism Failure
https://notcve.org/view.php?id=CVE-2024-39818
14 Aug 2024 — Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24022 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28799 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-28799
14 Aug 2024 — IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly during back-end commands which may result in the unexpected disclosure of this information. IBM X-Force ID: 287173. IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configurations, during back-end commands which may result i... • https://exchange.xforce.ibmcloud.com/vulnerabilities/287173 • CWE-214: Invocation of Process Using Visible Sensitive Information •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25157 – Authentication bypass in GoAnywhere MFT prior to 7.6.0
https://notcve.org/view.php?id=CVE-2024-25157
14 Aug 2024 — This could lead to unauthorized information disclosure or modification. • https://www.fortra.com/security/advisories/product-security/fi-2024-009 • CWE-303: Incorrect Implementation of Authentication Algorithm •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-41723 – BIG-IP iControl REST vulnerability
https://notcve.org/view.php?id=CVE-2024-41723
14 Aug 2024 — Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. • https://my.f5.com/manage/s/article/K10438187 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.6EPSS: 0%CPEs: -EXPL: 0CVE-2023-48361
https://notcve.org/view.php?id=CVE-2023-48361
14 Aug 2024 — Improper initialization in firmware for some Intel(R) CSME may allow a privileged user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00999.html • CWE-665: Improper Initialization •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2023-49144
https://notcve.org/view.php?id=CVE-2023-49144
14 Aug 2024 — Out of bounds read in OpenBMC Firmware for some Intel(R) Server Platforms before versions egs-1.15-0, bhs-0.27 may allow a privileged user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01078.html • CWE-125: Out-of-bounds Read •
CVSS: 8.2EPSS: 2%CPEs: 1EXPL: 0CVE-2024-38653 – Ivanti Avalanche decodeToMap XML External Entity Processing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-38653
14 Aug 2024 — XXE in SmartDeviceServer in Ivanti Avalanche 6.3.1 allows a remote unauthenticated attacker to read arbitrary files on the server. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the decodeToMap method. Due to the improper restriction of XML External Entity (XXE) references, a crafted document specifying a URI causes the XML parser to acces... • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373 • CWE-611: Improper Restriction of XML External Entity Reference •