CVE-2024-45091 – IBM UrbanCode Deploy information disclosure
https://notcve.org/view.php?id=CVE-2024-45091
21 Jan 2025 — IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13 stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs. IBM UrbanCode Deploy (UCD) 7.0 a 7.0.5.24, 7.1 a 7.1.2.10 y 7.2 a 7.2.3.13 almacena información potencialmente confidencial en archivos de registro que podrían ser leídos por un usuario local con acceso a los registros de solicitudes HTTP. • https://www.ibm.com/support/pages/node/7177857 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2024-22349 – IBM UrbanCode Velocity information disclosure
https://notcve.org/view.php?id=CVE-2024-22349
20 Jan 2025 — IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be stored locally which can be read by another user on the system. • https://www.ibm.com/support/pages/node/7172750 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •
CVE-2024-22347 – IBM UrbanCode Velocity information disclosure
https://notcve.org/view.php?id=CVE-2024-22347
20 Jan 2025 — IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://www.ibm.com/support/pages/node/7172750 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2024-57912 – iio: pressure: zpa2326: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57912
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The 'sample' local struct is used to push data to user space from a triggered buffer, but it has a hole between the temperature and the timestamp (u32 pressure, u16 temperature, GAP, u64 timestamp). In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The 'sample' local struct is used... • https://git.kernel.org/stable/c/03b262f2bbf43b82eaef82ffb3bc671d5b5c8da1 •
CVE-2024-57911 – iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57911
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc() and it is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information leak
CVE-2024-57910 – iio: light: vcnl4035: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57910
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to push data to userspace from a triggered buffer, but it does not set an initial value for the single data element, which is an u16 aligned to 8 bytes. In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to push data to u... • https://git.kernel.org/stable/c/ec90b52c07c0403a6db60d752484ec08d605ead0 •
CVE-2024-57909 – iio: light: bh1745: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57909
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1745: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1745: fix information leak in triggered buffer The 'scan' local struct is used to pus... • https://git.kernel.org/stable/c/eab35358aae705b779a7c8b405474d1290175196 •
CVE-2024-57908 – iio: imu: kmx61: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57908
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push da... • https://git.kernel.org/stable/c/c3a23ecc0901f624b681bbfbc4829766c5aa3070 •
CVE-2024-57907 – iio: adc: rockchip_saradc: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57907
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data' local struct ... • https://git.kernel.org/stable/c/4e130dc7b41348b13684f0758c26cc6cf72a3449 •
CVE-2024-57906 – iio: adc: ti-ads8688: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57906
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used ... • https://git.kernel.org/stable/c/61fa5dfa5f52806f5ce37a0ba5712c271eb22f98 •