CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-47148 – IBM Storage Protect Plus Server information disclosure
https://notcve.org/view.php?id=CVE-2023-47148
IBM Storage Protect Plus Server 10.1.0 through 10.1.15.2 Admin Console could allow a remote attacker to obtain sensitive information due to improper validation of unsecured endpoints which could be used in further attacks against the system. IBM X-Force ID: 270599. IBM Storage Protect Plus Server 10.1.0 a 10.1.15.2 Admin Console podría permitir que un atacante remoto obtenga información confidencial debido a una validación inadecuada de endpoints no seguros que podrían usarse en futuros ataques contra el sistema. ID de IBM X-Force: 270599. • https://exchange.xforce.ibmcloud.com/vulnerabilities/270599 https://www.ibm.com/support/pages/node/7096482 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-49118 – Dsoftbus has an out-of-bounds read vulnerability
https://notcve.org/view.php?id=CVE-2023-49118
in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-02.md • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-43756 – Dsoftbus has an out-of-bounds read vulnerability
https://notcve.org/view.php?id=CVE-2023-43756
in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2024/2024-02.md • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-50962 – IBM PowerSC information disclosure
https://notcve.org/view.php?id=CVE-2023-50962
IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" (HSTS) web security policy mechanism. IBM X-Force ID: 276004. IBM PowerSC 1.3, 2.0 y 2.1 MFA no implementa el mecanismo de política de seguridad web "HTTP Strict Transport Security" (HSTS). ID de IBM X-Force: 276004. • https://exchange.xforce.ibmcloud.com/vulnerabilities/276004 https://www.ibm.com/support/pages/node/7113759 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-50328 – IBM PowerSC information disclosure
https://notcve.org/view.php?id=CVE-2023-50328
IBM PowerSC 1.3, 2.0, and 2.1 may allow a remote attacker to view session identifiers passed via URL query strings. IBM X-Force ID: 275110. IBM PowerSC 1.3, 2.0 y 2.1 puede permitir a un atacante remoto ver identificadores de sesión pasados a través de cadenas de consulta URL. ID de IBM X-Force: 275110. • https://exchange.xforce.ibmcloud.com/vulnerabilities/275110 https://www.ibm.com/support/pages/node/7113759 • CWE-598: Use of GET Request Method With Sensitive Query Strings CWE-668: Exposure of Resource to Wrong Sphere •