CVSS: 5.7EPSS: 0%CPEs: 2EXPL: 0CVE-2023-2737 – Improper securing of log directory may allow a denial of service
https://notcve.org/view.php?id=CVE-2023-2737
Improper log permissions in SafeNet Authentication Service Version 3.4.0 on Windows allows an authenticated attacker to cause a denial of service via local privilege escalation. Los permisos de registro inadecuados en SafeNet Authentication Service versión 3.4.0 en Windows permiten que un atacante autenticado provoque una denegación de servicio mediante una escalada de privilegios local. • https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=08f460ba47bba550c0e42e61e36d432f&sysparm_article=KB0027485 • CWE-276: Incorrect Default Permissions •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-20560 –
https://notcve.org/view.php?id=CVE-2023-20560
Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7004 • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0CVE-2023-20564 –
https://notcve.org/view.php?id=CVE-2023-20564
Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7004 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38402 – Arbitrary File Overwrite in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client
https://notcve.org/view.php?id=CVE-2023-38402
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4333 – Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server
https://notcve.org/view.php?id=CVE-2023-4333
Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server Broadcom RAID Controller Web Interface no aplica la orden de cifrado SSL por el servidor. • https://www.broadcom.com/support/resources/product-security-center • CWE-326: Inadequate Encryption Strength •