CVE-2023-41366 – Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform
https://notcve.org/view.php?id=CVE-2023-41366
Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KERNEL 7.94, KERNEL64UC 7.22, KERNEL64UC 7.22EXT, KERNEL64UC 7.53, KERNEL64NUC 7.22, KERNEL64NUC 7.22EXT, allows an unauthenticated attacker to access the unintended data due to the lack of restrictions applied which may lead to low impact in confidentiality and no impact on the integrity and availability of the application. Bajo ciertas condiciones SAP NetWeaver Application Server ABAP - versiones KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KERNEL 7.94, KERNEL64UC 7.22, KERNEL64UC 7.22EXT, KERNEL64UC 7.53, KERNEL64NUC 7.22, KERNEL64NUC 7.22EXT, permite que un atacante no autenticado acceda a datos no deseados debido a la falta de restricciones aplicadas, lo que puede generar un bajo impacto en la confidencialidad y ningún impacto en la integridad y disponibilidad de la aplicación. • https://me.sap.com/notes/3362849 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVE-2023-44434 – Kofax Power PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-44434
Kofax Power PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. • https://www.zerodayinitiative.com/advisories/ZDI-23-1609 • CWE-125: Out-of-bounds Read •
CVE-2023-44433 – Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-44433
Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. ... Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. • https://www.zerodayinitiative.com/advisories/ZDI-23-1610 • CWE-125: Out-of-bounds Read •
CVE-2023-44447 – TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-44447
TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability. • https://www.zerodayinitiative.com/advisories/ZDI-23-1623 • CWE-290: Authentication Bypass by Spoofing •
CVE-2023-40600 – WordPress EWWW Image Optimizer Plugin <= 7.2.0 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-40600
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Exactly WWW EWWW Image Optimizer. Solo funciona cuando debug.log está activado. Este problema afecta a EWWW Image Optimizer: desde n/a hasta 7.2.0. • https://github.com/RandomRobbieBF/CVE-2023-40600 https://patchstack.com/database/vulnerability/ewww-image-optimizer/wordpress-ewww-image-optimizer-plugin-7-2-0-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •