CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2023-24463
https://notcve.org/view.php?id=CVE-2023-24463
Improper input validation in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an unauthenticated user to potentially enable information disclosure via adjacent access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00851.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2023-22390
https://notcve.org/view.php?id=CVE-2023-22390
Improper buffer restrictions in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable information disclosure via local access. • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00851.html • CWE-92: DEPRECATED: Improper Sanitization of Custom Special Characters •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-44294
https://notcve.org/view.php?id=CVE-2023-44294
In Dell Secure Connect Gateway Application and Secure Connect Gateway Appliance (between v5.10.00.00 and v5.18.00.00), a security concern has been identified, where a malicious user with a valid User session may inject malicious content in filters of Collection Rest API. This issue may potentially lead to unintentional information disclosure from the product database. • https://www.dell.com/support/kbdoc/en-us/000219372/dsa-2023-403-security-update-for-dell-secure-connect-gateway-application-and-appliance-vulnerabilities • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-44293
https://notcve.org/view.php?id=CVE-2023-44293
This issue may potentially lead to unintentional information disclosure from the product database. • https://www.dell.com/support/kbdoc/en-us/000219372/dsa-2023-403-security-update-for-dell-secure-connect-gateway-application-and-appliance-vulnerabilities • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-25125 – Absolute path traversal vulnerability in digdag server
https://notcve.org/view.php?id=CVE-2024-25125
Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. This issue may lead to information disclosure and has been addressed in release version 0.10.5.1. ... El sistema de automatización de carga de trabajo digdag de Treasure Data es susceptible a una vulnerabilidad de path traversal si está configurado para almacenar archivos de registro localmente. • https://github.com/treasure-data/digdag/commit/eae89b0daf6c62f12309d8c7194454dfb18cc5c3 https://github.com/treasure-data/digdag/security/advisories/GHSA-5mp4-32rr-v3x5 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •