CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38276 – IBM Cognos Dashboards information disclosure
https://notcve.org/view.php?id=CVE-2023-38276
IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in environment variables which could aid in further attacks against the system. IBM X-Force ID: 260736. IBM Cognos Dashboards en Cloud Pak for Data 4.7.0 expone información confidencial en variables de entorno que podrían ayudar en futuros ataques contra el system. ID de IBM X-Force: 260736. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260736 https://www.ibm.com/support/pages/node/7031207 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38275 – IBM Cognos Dashboards information disclosure
https://notcve.org/view.php?id=CVE-2023-38275
IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in container images which could lead to further attacks against the system. IBM X-Force ID: 260730. IBM Cognos Dashboards en Cloud Pak for Data 4.7.0 expone información confidencial en imágenes de contenedores que podrían provocar más ataques contra el system. ID de IBM X-Force: 260730. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260735 https://www.ibm.com/support/pages/node/7031207 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34044 – Information disclosure vulnerability in bluetooth device-sharing functionality
https://notcve.org/view.php?id=CVE-2023-34044
VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. VMware Workstation (17.x anterior a 17.5) y Fusion (13.x anterior a 13.5) contienen una vulnerabilidad de lectura fuera de límites que existe en la funcionalidad para compartir dispositivos Bluetooth host con la máquina virtual. Un actor malintencionado con privilegios administrativos locales en una máquina virtual puede leer información privilegiada contenida en la memoria del hipervisor desde una máquina virtual. This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. • https://www.vmware.com/security/advisories/VMSA-2023-0022.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4601 – Stack-based Buffer Overflow in NI System Configuration Software
https://notcve.org/view.php?id=CVE-2023-4601
A stack-based buffer overflow vulnerability exists in NI System Configuration that could result in information disclosure and/or arbitrary code execution. • https://www.ni.com/en/support/documentation/supplemental/23/stack-based-buffer-overflow-in-ni-system-configuration.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35656
https://notcve.org/view.php?id=CVE-2023-35656
This could lead to remote information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2023-10-01 • CWE-125: Out-of-bounds Read •