CVSS: 9.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28993 – SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-28993
17 Jul 2024 — The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-28992 – SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-28992
17 Jul 2024 — The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. ... This vulnerability allows remote attackers to delete arbitrary files and disclose sensitive information on affected installations of SolarWinds Access Rights Manager. ... An attacker can leverage this vulnerability to delete files and disclose... • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-287: Improper Authentication •
CVSS: 9.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23468 – SolarWinds Access Rights Manager Directory Traversal and Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-23468
17 Jul 2024 — The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information. ... This vulnerability allows remote attackers to delete arbitrary files and disclose sensitive information on affected installations of SolarWinds Access Rights Manager. ... An attacker can leverage this vulnerability to delete files and disclose... • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23474 – SolarWinds Access Rights Manager (ARM) deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-23474
17 Jul 2024 — The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability. ... This vulnerability allows remote attackers to delete arbitrary files and disclose sensitive information on affected installations of SolarWinds Access Rights Manager. ... An attacker can leverage this vulnerability to delete files and disclose information in the context of a highly privileged domain user. • https://documentation.solarwinds.com/en/success_center/arm/content/release_notes/arm_2024-3_release_notes.htm • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-35640 – IBM Sterling Partner Engagement Manager information disclosure
https://notcve.org/view.php?id=CVE-2022-35640
16 Jul 2024 — IBM Sterling Partner Engagement Manager 6.2.2 could allow a local attacker to obtain sensitive information when a detailed technical error message is returned. • https://exchange.xforce.ibmcloud.com/vulnerabilities/230933 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 2.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21164 – Oracle VirtualBox EHCI USB Controller Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-21164
16 Jul 2024 — This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. • https://www.oracle.com/security-alerts/cpujul2024.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6779 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6779
16 Jul 2024 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2024-6778 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6778
16 Jul 2024 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://github.com/ading2210/CVE-2024-6778-POC • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-366: Race Condition within a Thread •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6777 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6777
16 Jul 2024 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6776 – Debian Security Advisory 5732-1
https://notcve.org/view.php?id=CVE-2024-6776
16 Jul 2024 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html • CWE-416: Use After Free •