CVSS: 4.4EPSS: 0%CPEs: 16EXPL: 0CVE-2023-36722 – Active Directory Domain Services Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36722
Active Directory Domain Services Information Disclosure Vulnerability Vulnerabilidad de divulgación de información en Active Directory Domain Services • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36722 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2023-36724 – Windows Power Management Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36724
Windows Power Management Service Information Disclosure Vulnerability Vulnerabilidad de divulgación de información en Windows Power Management Service • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36724 • CWE-287: Improper Authentication •
CVSS: 9.4EPSS: 97%CPEs: 9EXPL: 9CVE-2023-4966 – Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-4966
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?... Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server. Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. • https://github.com/Chocapikk/CVE-2023-4966 https://github.com/RevoltSecurities/CVE-2023-4966 https://github.com/byte4RR4Y/CVE-2023-4966 https://github.com/0xKayala/CVE-2023-4966 https://github.com/mlynchcogent/CVE-2023-4966-POC https://github.com/IceBreakerCode/CVE-2023-4966 https://github.com/s-bt/CVE-2023-4966 https://github.com/senpaisamp/Netscaler-CVE-2023-4966-POC https://github.com/LucasOneZ/CVE-2023-4966 http://packetstormsecurity.com/files/175323/Citrix-Bleed-Session- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2023-42475 – Information Disclosure Vulnerability in Statutory Reporting
https://notcve.org/view.php?id=CVE-2023-42475
The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality. La aplicación Statutory Reporting tiene una ubicación de almacenamiento de archivos vulnerable, lo que potencialmente permite a un atacante con pocos privilegios leer archivos del servidor con un impacto mínimo en la confidencialidad. • https://me.sap.com/notes/3222121 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41365 – Information Disclosure vulnerability in SAP Business One (B1i)
https://notcve.org/view.php?id=CVE-2023-41365
SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details stack trace of the fault message to conduct the XXE injection, which will lead to information disclosure. • https://me.sap.com/notes/3338380 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-209: Generation of Error Message Containing Sensitive Information CWE-611: Improper Restriction of XML External Entity Reference •