CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2023-42475 – Information Disclosure Vulnerability in Statutory Reporting
https://notcve.org/view.php?id=CVE-2023-42475
The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality. La aplicación Statutory Reporting tiene una ubicación de almacenamiento de archivos vulnerable, lo que potencialmente permite a un atacante con pocos privilegios leer archivos del servidor con un impacto mínimo en la confidencialidad. • https://me.sap.com/notes/3222121 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41365 – Information Disclosure vulnerability in SAP Business One (B1i)
https://notcve.org/view.php?id=CVE-2023-41365
SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details stack trace of the fault message to conduct the XXE injection, which will lead to information disclosure. • https://me.sap.com/notes/3338380 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-209: Generation of Error Message Containing Sensitive Information CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-39189 – Kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one()
https://notcve.org/view.php?id=CVE-2023-39189
This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. • https://access.redhat.com/errata/RHSA-2024:2394 https://access.redhat.com/errata/RHSA-2024:2950 https://access.redhat.com/errata/RHSA-2024:3138 https://access.redhat.com/security/cve/CVE-2023-39189 https://bugzilla.redhat.com/show_bug.cgi?id=2226777 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5365 – HP LIFE Android Mobile – Potential Escalation of Privilege, Information Disclosure
https://notcve.org/view.php?id=CVE-2023-5365
HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or information disclosure. • https://support.hp.com/us-en/document/ish_9393937-9393961-16/hpsbgn03870 • CWE-284: Improper Access Control •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-45247
https://notcve.org/view.php?id=CVE-2023-45247
Sensitive information disclosure and manipulation due to missing authorization. • https://security-advisory.acronis.com/advisories/SEC-6600 • CWE-862: Missing Authorization •