CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2541 – Sensitive information disclosure in KNIME Hub Web Application
https://notcve.org/view.php?id=CVE-2023-2541
No personal information or application data was exposed. • https://www.knime.com/security/advisories#CVE-2023-2541 https://zigrin.com/advisories/knime-business-hub-sensitive-information-disclosure • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32550 – Landscape's Apache server-status is accessible by default
https://notcve.org/view.php?id=CVE-2023-32550
This data leak included GET requests which contain information to attack and leak further information from the Landscape API. • https://bugs.launchpad.net/landscape/+bug/1929037 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 4.1EPSS: 0%CPEs: 23EXPL: 0CVE-2023-20750
https://notcve.org/view.php?id=CVE-2023-20750
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 49EXPL: 0CVE-2023-20742
https://notcve.org/view.php?id=CVE-2023-20742
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 49EXPL: 0CVE-2023-20741
https://notcve.org/view.php?id=CVE-2023-20741
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/June-2023 • CWE-125: Out-of-bounds Read •