CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40368 – IBM Storage Protect information disclosure
https://notcve.org/view.php?id=CVE-2023-40368
IBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive information from the administrative command line client. IBM X-Force ID: 263456. IBM Storage Protect 8.1.0.0 a 8.1.19.0 podría permitir que un usuario privilegiado obtenga información sensible del cliente de línea de comando administrativo. ID de IBM X-Force: 263456. • https://exchange.xforce.ibmcloud.com/vulnerabilities/263456 https://www.ibm.com/support/pages/node/7034288 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-5042
https://notcve.org/view.php?id=CVE-2023-5042
Sensitive information disclosure due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-5330 • CWE-276: Incorrect Default Permissions •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4088 – Malicious Code Execution Vulnerability in FA Engineering Software Products
https://notcve.org/view.php?id=CVE-2023-4088
Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation multiple FA engineering software products allows a malicious local attacker to execute a malicious code, resulting in information disclosure, tampering with and deletion, or a denial-of-service (DoS) condition, if the product is installed in a folder other than the default installation folder. • https://jvn.jp/vu/JVNVU96447193/index.html https://www.cisa.gov/news-events/ics-advisories/icsa-23-269-03 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-010_en.pdf • CWE-276: Incorrect Default Permissions •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31014
https://notcve.org/view.php?id=CVE-2023-31014
A successful exploit of this vulnerability may lead to limited information disclosure, denial of service, and code execution. • https://nvidia.custhelp.com/app/answers/detail/a_id/5476 • CWE-668: Exposure of Resource to Wrong Sphere CWE-927: Use of Implicit Intent for Sensitive Communication •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31015
https://notcve.org/view.php?id=CVE-2023-31015
A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, code execution, and denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5473 • CWE-287: Improper Authentication •