CVSS: 5.5EPSS: 0%CPEs: 15EXPL: 0CVE-2023-28266 – Windows Common Log File System Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-28266
Windows Common Log File System Driver Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28266 • CWE-126: Buffer Over-read •
CVSS: 6.5EPSS: 1%CPEs: 13EXPL: 0CVE-2023-24883 – Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-24883
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24883 • CWE-126: Buffer Over-read •
CVSS: 5.3EPSS: 0%CPEs: 14EXPL: 0CVE-2023-21729 – Remote Procedure Call Runtime Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-21729
Remote Procedure Call Runtime Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21729 • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-29111 – Information Disclosure vulnerability in SAP Application Interface Framework (ODATA service)
https://notcve.org/view.php?id=CVE-2023-29111
The SAP AIF (ODATA service) - versions 755, 756, discloses more detailed information than is required. An authorized attacker can use the collected information possibly to exploit the component. As a result, an attacker can cause a low impact on the confidentiality of the application. • https://launchpad.support.sap.com/#/notes/3117978 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28765 – Information Disclosure vulnerability in SAP BusinessObjects Business Intelligence Platform (Promotion Management )
https://notcve.org/view.php?id=CVE-2023-28765
An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, can get access to lcmbiar file and further decrypt the file. After this attacker can gain access to BI user’s passwords and depending on the privileges of the BI user, the attacker can perform operations that can completely compromise the application. • https://launchpad.support.sap.com/#/notes/3298961 https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •