Anonymous user may get the list of existing users managed by the application, that could ease further attacks (see CVE-2023-3065 and 3066)This issue affects Mobatime mobile application AMXGT100 through 1.3.20.

The Call Blocker application 6.6.3 for Android allows unauthorized applications to use exposed components to delete data stored in its database that is related to user privacy settings and affects the implementation of the normal functionality of the application. An attacker can use this to cause an escalation of privilege attack.

Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in CBOT Chatbot allows Adversary in the Middle (AiTM).This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.

Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0.

A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details.

Improper buffer restrictions in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.

Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper buffer restrictions in the Intel(R) QAT Engine for OpenSSL before version 0.6.16 may allow a privileged user to potentially enable escalation of privilege via network access.

Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper buffer restriction in software for the Intel QAT Driver for Linux before version 1.7.l.4.12 may allow an authenticated user to potentially enable denial of service via local access.