CVE-2024-45091 – IBM UrbanCode Deploy information disclosure
https://notcve.org/view.php?id=CVE-2024-45091
21 Jan 2025 — IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.24, 7.1 through 7.1.2.10, and 7.2 through 7.2.3.13 stores potentially sensitive information in log files that could be read by a local user with access to HTTP request logs. • https://www.ibm.com/support/pages/node/7177857 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2024-22349 – IBM UrbanCode Velocity information disclosure
https://notcve.org/view.php?id=CVE-2024-22349
20 Jan 2025 — IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 allows web pages to be stored locally which can be read by another user on the system. • https://www.ibm.com/support/pages/node/7172750 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •
CVE-2024-22347 – IBM UrbanCode Velocity information disclosure
https://notcve.org/view.php?id=CVE-2024-22347
20 Jan 2025 — IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://www.ibm.com/support/pages/node/7172750 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2024-13536 – 1003 Mortgage Application <= 1.87 - Unauthenticated Full Path Disclosure
https://notcve.org/view.php?id=CVE-2024-13536
20 Jan 2025 — The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87. ... The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. • https://plugins.trac.wordpress.org/browser/1003-mortgage-application/trunk/inc/class/fnm/export.php • CWE-209: Generation of Error Message Containing Sensitive Information •
CVE-2024-57912 – iio: pressure: zpa2326: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57912
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The 'sample' local struct is used to push data to user space from a triggered buffer, but it has a hole between the temperature and the timestamp (u32 pressure, u16 temperature, GAP, u64 timestamp). In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The 'sample' local ... • https://git.kernel.org/stable/c/03b262f2bbf43b82eaef82ffb3bc671d5b5c8da1 •
CVE-2024-57911 – iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57911
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc() and it is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iio_simply_dummy_buffer: fix information... • https://git.kernel.org/stable/c/415f792447572ef1949a3cef5119bbce8cc66373 •
CVE-2024-57910 – iio: light: vcnl4035: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57910
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to push data to userspace from a triggered buffer, but it does not set an initial value for the single data element, which is an u16 aligned to 8 bytes. In the Linux kernel, the following vulnerability has been resolved: iio: light: vcnl4035: fix information leak in triggered buffer The 'buffer' local array is used to ... • https://git.kernel.org/stable/c/ec90b52c07c0403a6db60d752484ec08d605ead0 •
CVE-2024-57909 – iio: light: bh1745: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57909
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1745: fix information leak in triggered buffer The 'scan' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1745: fix information leak in triggered buffer The 'scan' local struct ... • https://git.kernel.org/stable/c/eab35358aae705b779a7c8b405474d1290175196 •
CVE-2024-57908 – iio: imu: kmx61: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57908
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: imu: kmx61: fix information leak in triggered buffer The 'buffer' local array is u... • https://git.kernel.org/stable/c/c3a23ecc0901f624b681bbfbc4829766c5aa3070 •
CVE-2024-57907 – iio: adc: rockchip_saradc: fix information leak in triggered buffer
https://notcve.org/view.php?id=CVE-2024-57907
19 Jan 2025 — In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses iio_for_each_active_channel() to assign new values. In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchip_saradc: fix information leak in triggered buffer The 'data'... • https://git.kernel.org/stable/c/4e130dc7b41348b13684f0758c26cc6cf72a3449 •