Page 384 of 10738 results (0.027 seconds)

CVSS: 4.4EPSS: 0%CPEs: 16EXPL: 0

Active Directory Domain Services Information Disclosure Vulnerability Vulnerabilidad de divulgación de información en Active Directory Domain Services • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36722 • CWE-284: Improper Access Control •

CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0

Windows Power Management Service Information Disclosure Vulnerability Vulnerabilidad de divulgación de información en Windows Power Management Service • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36724 • CWE-287: Improper Authentication •

CVSS: 9.4EPSS: 95%CPEs: 9EXPL: 14

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?... Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA  virtual server. Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. • https://github.com/Chocapikk/CVE-2023-4966 https://github.com/RevoltSecurities/CVE-2023-4966 https://github.com/byte4RR4Y/CVE-2023-4966 https://github.com/0xKayala/CVE-2023-4966 https://github.com/mlynchcogent/CVE-2023-4966-POC https://github.com/IceBreakerCode/CVE-2023-4966 https://github.com/s-bt/CVE-2023-4966 https://github.com/senpaisamp/Netscaler-CVE-2023-4966-POC https://github.com/LucasOneZ/CVE-2023-4966 https://github.com/dinosn/citrix_cve-2023-4966 https:/&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality. La aplicación Statutory Reporting tiene una ubicación de almacenamiento de archivos vulnerable, lo que potencialmente permite a un atacante con pocos privilegios leer archivos del servidor con un impacto mínimo en la confidencialidad. • https://me.sap.com/notes/3222121 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details stack trace of the fault message to conduct the XXE injection, which will lead to information disclosure. • https://me.sap.com/notes/3338380 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-209: Generation of Error Message Containing Sensitive Information CWE-611: Improper Restriction of XML External Entity Reference •