CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28972
https://notcve.org/view.php?id=CVE-2024-28972
An unauthenticated remote attacker could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000226567/dsa-2024-211-security-update-for-a-dell-insightiq-broken-or-risky-cryptographic-algorithm-vulnerability • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.9EPSS: 0%CPEs: -EXPL: 2CVE-2024-7339 – TVT DVR TD-2104TS-CL queryDevInfo information disclosure
https://notcve.org/view.php?id=CVE-2024-7339
The manipulation leads to information disclosure. ... Dank der Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/RevoltSecurities/CVE-2024-7339 https://netsecfish.notion.site/Sensitive-Device-Information-Disclosure-in-TVT-DVR-fad1cce703d946969be5130bf3aaac0d? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-7391 – ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7391
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging devices. User interaction is required to exploit this vulnerability. The specific flaw exists within the Wi-Fi setup logic. By connecting to the device over Bluetooth Low Energy during the setup process, an attacker can obtain Wi-Fi credentials. An attacker can leverage this vulnerability to disclose credentials and gain access to the device owner's Wi-Fi network. •
CVSS: 6.9EPSS: 0%CPEs: -EXPL: 1CVE-2024-7328 – YouDianCMS information disclosure
https://notcve.org/view.php?id=CVE-2024-7328
The manipulation leads to information disclosure. ... Dank der Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://vuldb.com/?ctiid.273251 https://vuldb.com/?id.273251 https://vuldb.com/?submit.378323 https://wiki.shikangsi.com/post/share/ce9ce9b8-dec1-4d85-a955-8e5876cc270f • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41108 – FOG Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2024-41108
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. The hostinfo page has missing/improper access control since only the host's mac address is required to obtain the configuration information. This data can only be retrieved if a task is pending on that host. Otherwise, an error message containing "Invalid tasking!" will be returned. • https://github.com/FOGProject/fogproject/blob/a4bb1bf39ac53c3cbe623576915fbc3b5c80a00f/packages/web/service/hostinfo.php https://github.com/FOGProject/fogproject/blob/a4bb1bf39ac53c3cbe623576915fbc3b5c80a00f/packages/web/service/hostname.php https://github.com/FOGProject/fogproject/security/advisories/GHSA-p3f9-4jj4-fm2g • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •