CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39823 – Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2024-39823
14 Aug 2024 — Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24030 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39822 – Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2024-39822
14 Aug 2024 — Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24029 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39818 – Zoom Workplace Apps and SDKs - Protection Mechanism Failure
https://notcve.org/view.php?id=CVE-2024-39818
14 Aug 2024 — Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24022 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28799 – IBM QRadar Suite Software information disclosure
https://notcve.org/view.php?id=CVE-2024-28799
14 Aug 2024 — IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly during back-end commands which may result in the unexpected disclosure of this information. ... IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 displays sensitive data improperly to a local privileged user, in non default configurations, during back-end commands which may result in the ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/287173 • CWE-214: Invocation of Process Using Visible Sensitive Information •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25157 – Authentication bypass in GoAnywhere MFT prior to 7.6.0
https://notcve.org/view.php?id=CVE-2024-25157
14 Aug 2024 — This could lead to unauthorized information disclosure or modification. • https://www.fortra.com/security/advisories/product-security/fi-2024-009 • CWE-303: Incorrect Implementation of Authentication Algorithm •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-41723 – BIG-IP iControl REST vulnerability
https://notcve.org/view.php?id=CVE-2024-41723
14 Aug 2024 — Undisclosed requests to BIG-IP iControl REST can lead to information leak of user account names. • https://my.f5.com/manage/s/article/K10438187 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.6EPSS: 0%CPEs: -EXPL: 0CVE-2023-48361
https://notcve.org/view.php?id=CVE-2023-48361
14 Aug 2024 — Improper initialization in firmware for some Intel(R) CSME may allow a privileged user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00999.html • CWE-665: Improper Initialization •
CVSS: 8.1EPSS: 0%CPEs: -EXPL: 0CVE-2023-49144
https://notcve.org/view.php?id=CVE-2023-49144
14 Aug 2024 — Out of bounds read in OpenBMC Firmware for some Intel(R) Server Platforms before versions egs-1.15-0, bhs-0.27 may allow a privileged user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01078.html • CWE-125: Out-of-bounds Read •
CVSS: 8.2EPSS: 2%CPEs: 1EXPL: 0CVE-2024-38653 – Ivanti Avalanche decodeToMap XML External Entity Processing Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-38653
14 Aug 2024 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-4-CVE-2024-38652-CVE-2024-38653-CVE-2024-36136-CVE-2024-37399-CVE-2024-37373 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7569
https://notcve.org/view.php?id=CVE-2024-7569
13 Aug 2024 — An information disclosure vulnerability in Ivanti ITSM on-prem and Neurons for ITSM versions 2023.4 and earlier allows an unauthenticated attacker to obtain the OIDC client secret via debug information. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-CVE-2024-7569-CVE-2024-7570 • CWE-215: Insertion of Sensitive Information Into Debugging Code CWE-922: Insecure Storage of Sensitive Information •