CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-42633
https://notcve.org/view.php?id=CVE-2023-42633
This could lead to local information disclosure with no additional execution privileges needed En las herramientas de validación, es posible que falte una verificación de permiso. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-42632
https://notcve.org/view.php?id=CVE-2023-42632
This could lead to local information disclosure with no additional execution privileges needed En las herramientas de validación, es posible que falte una verificación de permiso. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2023-42631
https://notcve.org/view.php?id=CVE-2023-42631
This could lead to local information disclosure with no additional execution privileges needed En las herramientas de validación, es posible que falte una verificación de permiso. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46240 – CodeIgniter4 vulnerable to information disclosure when detailed error report is displayed in production environment
https://notcve.org/view.php?id=CVE-2023-46240
CodeIgniter is a PHP full-stack web framework. Prior to CodeIgniter4 version 4.4.3, if an error or exception occurs, a detailed error report is displayed even if in the production environment. As a result, confidential information may be leaked. Version 4.4.3 contains a patch. As a workaround, replace `ini_set('display_errors', '0')` with `ini_set('display_errors', 'Off')` in `app/Config/Boot/production.php`. • https://codeigniter4.github.io/userguide/general/errors.html#error-reporting https://github.com/codeigniter4/CodeIgniter4/commit/423569fc31e29f51635a2e59c89770333f0e7563 https://github.com/codeigniter4/CodeIgniter4/security/advisories/GHSA-hwxf-qxj7-7rfj • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-41259
https://notcve.org/view.php?id=CVE-2023-41259
Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call. • https://docs.bestpractical.com/release-notes/rt/4.4.7 https://docs.bestpractical.com/release-notes/rt/5.0.5 https://docs.bestpractical.com/release-notes/rt/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •