CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39057
https://notcve.org/view.php?id=CVE-2023-39057
An information leak in hirochanKAKIwaiting v13.6.1 allows attackers to obtain the channel access token and send crafted messages. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39057.md https://liff.line.me/1657563463-WZNjNErk • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39050
https://notcve.org/view.php?id=CVE-2023-39050
An information leak in Daiky-value.Fukueten v13.6.1 allows attackers to obtain the channel access token and send crafted messages. • https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39050.md https://liff.line.me/1657264266-MPKmV0nq • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33228 – SolarWinds Network Configuration Manager Sensitive Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-33228
The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information. Network Configuration Manager de SolarWinds era susceptible a la vulnerabilidad de Exposición de Información Confidencial. Esta vulnerabilidad permite a los usuarios con acceso administrativo a SolarWinds Web Console obtener información confidencial. • https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4_release_notes.htm https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33228 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-42654
https://notcve.org/view.php?id=CVE-2023-42654
This could lead to local information disclosure with no additional execution privileges needed En el servicio dm, es posible que falte una verificación de permiso. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-42652
https://notcve.org/view.php?id=CVE-2023-42652
This could lead to local information disclosure with no additional execution privileges needed En el modo ingeniero, es posible que falte una verificación de permiso. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 • CWE-862: Missing Authorization •