CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-28078
https://notcve.org/view.php?id=CVE-2023-28078
A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. • https://www.dell.com/support/kbdoc/en-us/000216584/dsa-2023-124-security-update-for-dell-smartfabric-os10-multiple-vulnerabilities • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-25941 – jail(2) information leak
https://notcve.org/view.php?id=CVE-2024-25941
This gives rise to an information leak about processes outside the current jail. Attacker can get information about TTYs allocated on the host or in other jails. • https://security.freebsd.org/advisories/FreeBSD-SA-24:02.tty.asc https://security.netapp.com/advisory/ntap-20240510-0003 •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46186 – IBM Jazz for Service Management information disclosure
https://notcve.org/view.php?id=CVE-2023-46186
IBM Jazz for Service Management 1.1.3.20 could allow an unauthorized user to obtain sensitive file information using forced browsing due to improper access controls. IBM X-Force ID: 269929. IBM Jazz for Service Management 1.1.3.20 podría permitir que un usuario no autorizado obtenga información confidencial de archivos mediante navegación forzada debido a controles de acceso inadecuados. ID de IBM X-Force: 269929. • https://exchange.xforce.ibmcloud.com/vulnerabilities/269929 https://www.ibm.com/support/pages/node/7116830 • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 3.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-42776
https://notcve.org/view.php?id=CVE-2023-42776
Improper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100.3 may allow an authenticateed user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01014.html • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2023-35061
https://notcve.org/view.php?id=CVE-2023-35061
Improper initialization for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable information disclosure via adjacent access. ... Improper initialization for the Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable information disclosure via adjacent access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00947.html https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00999.html • CWE-665: Improper Initialization •