CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0CVE-2023-27502
https://notcve.org/view.php?id=CVE-2023-27502
Insertion of sensitive information into log file for some Intel(R) Local Manageability Service software before version 2316.5.1.2 may allow an authenticated user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00923.html • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2023-38575 – kernel: Local information disclosure in some Intel(R) processors
https://notcve.org/view.php?id=CVE-2023-38575
Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. ... A vulnerability was found in some Intel processors that may allow a malicious actor to achieve a local information disclosure, impacting the data confidentiality of the targeted host. • https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html https://security.netapp.com/advisory/ntap-20240405-0008 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00982.html https://access.redhat.com/security/cve/CVE-2023-38575 https://bugzilla.redhat.com/show_bug.cgi?id=2270701 • CWE-1303: Non-Transparent Sharing of Microarchitectural Resources •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2023-43490 – kernel: Local information disclosure on Intel(R) Xeon(R) D processors with Intel(R) SGX due to incorrect calculation in microcode
https://notcve.org/view.php?id=CVE-2023-43490
Incorrect calculation in microcode keying mechanism for some Intel(R) Xeon(R) D Processors with Intel(R) SGX may allow a privileged user to potentially enable information disclosure via local access. ... This issue may allow a local attacker to achieve sensitive information disclosure, impacting the data confidentiality of the targeted system. • https://lists.debian.org/debian-lts-announce/2024/05/msg00003.html https://security.netapp.com/advisory/ntap-20240405-0009 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01045.html https://access.redhat.com/security/cve/CVE-2023-43490 https://bugzilla.redhat.com/show_bug.cgi?id=2270704 • CWE-682: Incorrect Calculation •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25154 – Path Traversal in FileCatalyst Direct 3.8.8 and Earlier
https://notcve.org/view.php?id=CVE-2024-25154
Improper URL validation leads to path traversal in FileCatalyst Direct 3.8.8 and earlier allowing an encoded payload to cause the web server to return files located outside of the web root which may lead to data leakage. • https://filecatalyst.software/public/filecatalyst/Direct/3.8.9.90/whatsnew_direct.html https://www.fortra.com/security/advisory/fi-2024-003 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 3.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-1979 – Quarkus: information leak in annotation
https://notcve.org/view.php?id=CVE-2024-1979
A vulnerability was found in Quarkus. In certain conditions related to the CI process, git credentials could be inadvertently published, which could put the git repository at risk. Se encontró una vulnerabilidad en Quarkus. En ciertas condiciones relacionadas con el proceso de CI, las credenciales de git podrían publicarse sin darse cuenta, lo que podría poner en riesgo el repositorio de git. • https://access.redhat.com/errata/RHSA-2024:1662 https://access.redhat.com/security/cve/CVE-2024-1979 https://bugzilla.redhat.com/show_bug.cgi?id=2266690 https://github.com/quarkusio/quarkus/issues/38055 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •