CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-36803 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36803
Windows Kernel Information Disclosure Vulnerability Vulnerabilidad de Divulgación de Información del Kernel de Windows The Microsoft Windows Kernel suffers from out-of-bounds reads and paged pool memory disclosure in VrpUpdateKeyInformation. • http://packetstormsecurity.com/files/175109/Microsoft-Windows-Kernel-Out-Of-Bounds-Reads-Memory-Disclosure.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36803 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-38140 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-38140
Windows Kernel Information Disclosure Vulnerability Vulnerabilidad de Divulgación de Información del Kernel de Windows The Microsoft Windows Kernel suffers from a paged pool memory disclosure in VrpPostEnumerateKey. • http://packetstormsecurity.com/files/175108/Microsoft-Windows-Kernel-Paged-Pool-Memory-Disclosure.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38140 • CWE-908: Use of Uninitialized Resource •
CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-38152 – DHCP Server Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-38152
DHCP Server Service Information Disclosure Vulnerability Vulnerabilidad de Divulgación de Información del Servicio del Servidor DHCP • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38152 • CWE-126: Buffer Over-read CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-40622 – Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management)
https://notcve.org/view.php?id=CVE-2023-40622
SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability. SAP BusinessObjects Business Intelligence Platform (Promotion Management): las versiones 420, 430, bajo ciertas condiciones, permiten a un atacante autenticado ver información sensible que de otro modo estaría restringida. En una explotación exitosa, el atacante puede comprometer completamente la aplicación causando un alto impacto en la confidencialidad, integridad y disponibilidad. • https://me.sap.com/notes/3320355 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37489 – Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Version Management System)
https://notcve.org/view.php?id=CVE-2023-37489
Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform (Version Management System) - version 403, permits an unauthenticated user to read the code snippet through the UI, which leads to low impact on confidentiality and no impact on the application's availability or integrity. Debido a la falta de validación, SAP BusinessObjects Business Intelligence Platform (Version Management System) - versión 403, permite que un usuario no autenticado lea el fragmento de código a través de la interfaz de usuario, lo que conduce a un bajo impacto en la confidencialidad y ningún impacto en la disponibilidad o integridad de la aplicación. • https://me.sap.com/notes/3352453 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-209: Generation of Error Message Containing Sensitive Information •