CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25052 – IBM Jazz Reporting Service information disclosure
https://notcve.org/view.php?id=CVE-2024-25052
IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by an admin user. IBM X-Force ID: 283363. IBM Jazz Reporting Service 7.0.3 almacena las credenciales de usuario en texto plano que puede ser leído por un usuario administrador. ID de IBM X-Force: 283363. • https://exchange.xforce.ibmcloud.com/vulnerabilities/283363 https://https://www.ibm.com/support/pages/node/7157232 • CWE-256: Plaintext Storage of a Password •
CVSS: 5.1EPSS: 0%CPEs: 9EXPL: 0CVE-2024-32856
https://notcve.org/view.php?id=CVE-2024-32856
A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000221745/dsa-2024-067 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-30300 – Tenable Vulnerability Disclosure | Sensitive Information Disclosure Via Fake FMPS Worker
https://notcve.org/view.php?id=CVE-2024-30300
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an Information Exposure vulnerability (CWE-200) that could lead to privilege escalation. An attacker could exploit this vulnerability to gain access to sensitive information which may include system or user privileges. Exploitation of this issue does not require user interaction. Las versiones 2020.3, 2022.2 y anteriores de Adobe Framemaker Publishing Server se ven afectadas por una vulnerabilidad de exposición de información (CWE-200) que podría provocar una escalada de privilegios. Un atacante podría aprovechar esta vulnerabilidad para obtener acceso a información confidencial que puede incluir privilegios del sistema o del usuario. • https://helpx.adobe.com/security/products/framemaker-publishing-server/apsb24-38.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-30472
https://notcve.org/view.php?id=CVE-2024-30472
Telemetry Dashboard v1.0.0.8 for Dell ThinOS 2402 contains a sensitive information disclosure vulnerability. An unauthenticated user with local access to the device could exploit this vulnerability leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000225289/dsa-2024-229 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5947 – Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-5947
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. • https://github.com/Cappricio-Securities/CVE-2024-5947 https://www.zerodayinitiative.com/advisories/ZDI-24-671 • CWE-306: Missing Authentication for Critical Function •