CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40113
https://notcve.org/view.php?id=CVE-2023-40113
In multiple locations, there is a possible way for apps to access cross-user message data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/providers/TelephonyProvider/+/64ca6ba981745875dbf2064e0b2a47f8194c4f0a https://source.android.com/security/bulletin/2023-11-01 •
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40112
https://notcve.org/view.php?id=CVE-2023-40112
This could lead to local information disclosure of past print jobs or other print-related information, with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/services/BuiltInPrintService/+/d7cb53cb5b47f4afdb84cb0e161d84fdc2c32ce7 https://source.android.com/security/bulletin/2023-11-01 •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2023-40105
https://notcve.org/view.php?id=CVE-2023-40105
In backupAgentCreated of ActivityManagerService.java, there is a possible way to leak sensitive data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/935eb5ed6be35860a99ea242fb753f687d54a308 https://source.android.com/security/bulletin/2023-11-01 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40104
https://notcve.org/view.php?id=CVE-2023-40104
In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted cryptographic certificates. This could lead to remote information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/system/ca-certificates/+/91204b9fdbd77b3f27f94b73868607b2dccbfdad https://source.android.com/security/bulletin/2023-11-01 • CWE-295: Improper Certificate Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39245
https://notcve.org/view.php?id=CVE-2023-39245
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information disclosure vulnerability in EHAC component. • https://www.dell.com/support/kbdoc/en-us/000216654/dsa-2023-299-security-update-for-dell-esi-enterprise-storage-integrator-for-sap-lama-multiple-security-vulnerabilities • CWE-319: Cleartext Transmission of Sensitive Information •