CVE-2023-4569 – Kernel: information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c
https://notcve.org/view.php?id=CVE-2023-4569
A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, which can result in a memory leak. • https://access.redhat.com/security/cve/CVE-2023-4569 https://bugzilla.redhat.com/show_bug.cgi?id=2235470 https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230812110526.49808-1-fw@strlen.de https://www.debian.org/security/2023/dsa-5492 • CWE-401: Missing Release of Memory after Effective Lifetime CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak')
CVE-2023-24959 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2023-24959
IBM InfoSphere Information Systems 11.7 could expose information about the host system and environment configuration. IBM X-Force ID: 246332. • https://exchange.xforce.ibmcloud.com/vulnerabilities/246332 https://www.ibm.com/support/pages/node/6988615 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-26271 – IBM Security Guardium Data Encryption information disclosure
https://notcve.org/view.php?id=CVE-2023-26271
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3) uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 248126. • https://exchange.xforce.ibmcloud.com/vulnerabilities/248126 https://www.ibm.com/support/pages/node/6995161 • CWE-307: Improper Restriction of Excessive Authentication Attempts
CVE-2023-26272 – IBM Security Guardium Data Encryption information disclosure
https://notcve.org/view.php?id=CVE-2023-26272
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 248133. • https://exchange.xforce.ibmcloud.com/vulnerabilities/248133 https://www.ibm.com/support/pages/node/6995161 • CWE-209: Generation of Error Message Containing Sensitive Information
CVE-2023-34725 – TECHView LA5570 Wireless Gateway 1.0.19_T53 Traversal / Privilege Escalation
https://notcve.org/view.php?id=CVE-2023-34725
TECHView LA5570 Wireless Gateway version 1.0.19_T53 suffers from directory traversal, privilege escalation, and information disclosure vulnerabilities. • http://packetstormsecurity.com/files/174553/TECHView-LA5570-Wireless-Gateway-1.0.19_T53-Traversal-Privilege-Escalation.html https://www.exploitsecurity.io/post/cve-2023-34723-cve-2023-34724-cve-2023-34725 https://www.jaycar.com.au/wireless-gateway-home-automation-controller/p/LA5570 • CWE-668: Exposure of Resource to Wrong Sphere