Page 204 of 10579 results (0.140 seconds)

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0

DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information disclosure vulnerability in EHAC component. • https://www.dell.com/support/kbdoc/en-us/000216654/dsa-2023-299-security-update-for-dell-esi-enterprise-storage-integrator-for-sap-lama-multiple-security-vulnerabilities • CWE-284: Improper Access Control •

CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0

A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. This is a high severity vulnerability as it allows an attacker to view sensitive data. • https://www.dell.com/support/kbdoc/en-us/000216584/dsa-2023-124-security-update-for-dell-smartfabric-os10-multiple-vulnerabilities • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

This gives rise to an information leak about processes outside the current jail. Attacker can get information about TTYs allocated on the host or in other jails. • https://security.freebsd.org/advisories/FreeBSD-SA-24:02.tty.asc https://security.netapp.com/advisory/ntap-20240510-0003 •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized user to obtain sensitive file information using forced browsing due to improper access controls. IBM X-Force ID: 269929. IBM Jazz for Service Management 1.1.3.20 podría permitir que un usuario no autorizado obtenga información confidencial de archivos mediante navegación forzada debido a controles de acceso inadecuados. ID de IBM X-Force: 269929. • https://exchange.xforce.ibmcloud.com/vulnerabilities/269929 https://www.ibm.com/support/pages/node/7116830 • CWE-425: Direct Request ('Forced Browsing') •

CVSS: 3.8EPSS: 0%CPEs: -EXPL: 0

Improper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100.3 may allow an authenticateed user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01014.html • CWE-20: Improper Input Validation •