CVE-2023-39244
https://notcve.org/view.php?id=CVE-2023-39244
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information disclosure vulnerability in EHAC component. • https://www.dell.com/support/kbdoc/en-us/000216654/dsa-2023-299-security-update-for-dell-esi-enterprise-storage-integrator-for-sap-lama-multiple-security-vulnerabilities • CWE-284: Improper Access Control •
CVE-2023-28078
https://notcve.org/view.php?id=CVE-2023-28078
A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. This is a high severity vulnerability as it allows an attacker to view sensitive data. • https://www.dell.com/support/kbdoc/en-us/000216584/dsa-2023-124-security-update-for-dell-smartfabric-os10-multiple-vulnerabilities • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVE-2024-25941 – jail(2) information leak
https://notcve.org/view.php?id=CVE-2024-25941
This gives rise to an information leak about processes outside the current jail. Attacker can get information about TTYs allocated on the host or in other jails. • https://security.freebsd.org/advisories/FreeBSD-SA-24:02.tty.asc https://security.netapp.com/advisory/ntap-20240510-0003 •
CVE-2023-46186 – IBM Jazz for Service Management information disclosure
https://notcve.org/view.php?id=CVE-2023-46186
IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized user to obtain sensitive file information using forced browsing due to improper access controls. IBM X-Force ID: 269929. IBM Jazz for Service Management 1.1.3.20 podría permitir que un usuario no autorizado obtenga información confidencial de archivos mediante navegación forzada debido a controles de acceso inadecuados. ID de IBM X-Force: 269929. • https://exchange.xforce.ibmcloud.com/vulnerabilities/269929 https://www.ibm.com/support/pages/node/7116830 • CWE-425: Direct Request ('Forced Browsing') •
CVE-2023-42776
https://notcve.org/view.php?id=CVE-2023-42776
Improper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100.3 may allow an authenticateed user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01014.html • CWE-20: Improper Input Validation •