CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-40632
https://notcve.org/view.php?id=CVE-2023-40632
This could lead to remote information disclosure no additional execution privileges needed En jpg driver, existe un posible use after free debido a un error lógico. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074 • CWE-416: Use After Free •
CVSS: 4.4EPSS: 0%CPEs: 16EXPL: 0CVE-2023-40631
https://notcve.org/view.php?id=CVE-2023-40631
This could lead to local information disclosure with System execution privileges needed En Dialer, es posible que falte una verificación de permisos. • https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-33160 – IBM Security Directory Suite information disclosure
https://notcve.org/view.php?id=CVE-2022-33160
IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228568. IBM Security Directory Suite 8.0.1 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 228568. • https://exchange.xforce.ibmcloud.com/vulnerabilities/228568 https://www.ibm.com/support/pages/node/7047071 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-34355 – IBM Jazz Foundation information disclosure
https://notcve.org/view.php?id=CVE-2022-34355
IBM Jazz Foundation (IBM Engineering Lifecycle Management 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) could disclose sensitive version information to a user that could be used in further attacks against the system. IBM X-Force ID: 230498. IBM Jazz Foundation (IBM Engineering Lifecycle Management 6.0.6, 6.0.6.1, 7.0, 7.0.1 y 7.0.2) podría revelar información confidencial de la versión a un usuario que podría usarse en futuros ataques contra el sistema. ID de IBM X-Force: 230498. • https://exchange.xforce.ibmcloud.com/vulnerabilities/230498 https://www.ibm.com/support/pages/node/7046995 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21291
https://notcve.org/view.php?id=CVE-2023-21291
This could lead to local information disclosure with User execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/cb6282e8970f4c9db5497889699e68fb2038566e https://source.android.com/security/bulletin/2023-10-01 • CWE-862: Missing Authorization •