CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30437 – IBM Security Guardium information disclosure
https://notcve.org/view.php?id=CVE-2023-30437
IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293. IBM Security Guardium 11.3, 11.4 y 11.5 podría permitir a un usuario no autorizado enumerar nombres de usuario enviando una solicitud HTTP especialmente manipulada. ID de IBM X-Force: 252293. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252293 https://www.ibm.com/support/pages/node/7028506 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38730 – IBM Spectrum Copy Data Management information disclosure
https://notcve.org/view.php?id=CVE-2023-38730
IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. ... IBM Storage Copy Data Management v2.2.0.0 hasta v2.2.19.0 utiliza algoritmos criptográficos más débiles de los esperado que podrían permitir a un atacante descifrar información altamente sensible. • https://exchange.xforce.ibmcloud.com/vulnerabilities/262268 https://www.ibm.com/support/pages/node/7028841 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25848 – BUG-000158039 - There is an information disclosure issue in ArcGIS Server.
https://notcve.org/view.php?id=CVE-2023-25848
ArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue. The information disclosed is limited to a single attribute in a database connection string. No business data is disclosed. • https://www.esri.com/arcgis-blog/products/trust-arcgis/announcements/arcgis-server-map-and-feature-service-security-2023-update-1-patch • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39290
https://notcve.org/view.php?id=CVE-2023-39290
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. • https://www.mitel.com/support/security-advisories https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0012 •
CVSS: 7.4EPSS: 0%CPEs: -EXPL: 0CVE-2023-35750 – D-Link DAP-2622 DDP Get SSID List WPA PSK Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-35750
D-Link DAP-2622 DDP Get SSID List WPA PSK Information Disclosure Vulnerability. ... D-Link DAP-2622 DDP Get SSID List WPA PSK Information Disclosure Vulnerability. • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10349 https://www.zerodayinitiative.com/advisories/ZDI-23-1255 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •