CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7542 – oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7542
05 Aug 2024 — oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. ... This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. • https://www.zerodayinitiative.com/advisories/ZDI-24-1082 • CWE-457: Use of Uninitialized Variable •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38321 – IBM Business Automation Workflow information disclosure
https://notcve.org/view.php?id=CVE-2024-38321
03 Aug 2024 — IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive information in log files under certain situations that could be read by an authenticated user. • https://exchange.xforce.ibmcloud.com/vulnerabilities/294868 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42349 – FOG has a Log Information Disclosure
https://notcve.org/view.php?id=CVE-2024-42349
02 Aug 2024 — FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.4 and earlier can leak authorized and rejected logins via logs stored directly on the root of the web server. FOG Server creates 2 logs on the root of the web server (fog_login_accepted.log and fog_login_failed.log), exposing the name of the user account used to manage FOG, the IP address of the computer used to login and the User-Agent. This vulnerability is fixed in 1.5.10.47. • https://github.com/FOGProject/fogproject/security/advisories/GHSA-697m-3c4p-g29h • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-23600 – PingIDM Query Filter Vulnerability
https://notcve.org/view.php?id=CVE-2024-23600
01 Aug 2024 — Improper Input Validation of query search results for private field data in PingIDM OPENIDM (Query Filter module) allows for a potentially efficient brute forcing approach leading to information disclosure. Improper Input Validation of query search results for private field data in PingIDM (Query Filter module) allows for a potentially efficient brute forcing approach leading to information disclosure. • https://packetstorm.news/files/id/182457 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28972
https://notcve.org/view.php?id=CVE-2024-28972
01 Aug 2024 — An unauthenticated remote attacker could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000226567/dsa-2024-211-security-update-for-a-dell-insightiq-broken-or-risky-cryptographic-algorithm-vulnerability • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.9EPSS: 0%CPEs: 7EXPL: 2CVE-2024-7339 – TVT DVR TD-2104TS-CL queryDevInfo information disclosure
https://notcve.org/view.php?id=CVE-2024-7339
01 Aug 2024 — The manipulation leads to information disclosure. ... NOTE: The vendor was contacted early about this disclosure but did not respond in any way. ... Dank der Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://netsecfish.notion.site/Sensitive-Device-Information-Disclosure-in-TVT-DVR-fad1cce703d946969be5130bf3aaac0d? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6990 – Debian Security Advisory 5735-1
https://notcve.org/view.php?id=CVE-2024-6990
01 Aug 2024 — (Chromium security severity: Critical) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_30.html • CWE-457: Use of Uninitialized Variable •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-6992 – Debian Security Advisory 5735-1
https://notcve.org/view.php?id=CVE-2024-6992
01 Aug 2024 — Reported by Anonymous * CVE-2024-7001: Inappropriate implementation in HTML * CVE-2024-7003: Inappropriate implementation in FedCM * CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing * CVE-2024-7005: Insufficient validation of untrusted input in Safe Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7255 – Debian Security Advisory 5735-1
https://notcve.org/view.php?id=CVE-2024-7255
01 Aug 2024 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_30.html • CWE-125: Out-of-bounds Read •
CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7391 – ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-7391
01 Aug 2024 — ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging devices. ... This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging devices. • https://www.zerodayinitiative.com/advisories/ZDI-24-1046 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •