CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-20662 – Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-20662
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability Vulnerabilidad de divulgación de información de Online Certificate Status Protocol (OCSP) de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20662 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51701 – @fastify-reply-from JSON Content-Type parsing confusion
https://notcve.org/view.php?id=CVE-2023-51701
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. A reverse proxy server built with `@fastify/reply-from` could misinterpret the incoming body by passing an header `ContentType: application/json ; charset=utf-8`. This can lead to bypass of security checks. This vulnerability has been patched in '@fastify/reply-from` version 9.6.0. fastify-reply-from es un complemento de Fastify para reenviar la solicitud HTTP actual a otro servidor. Un servidor proxy inverso creado con `@fastify/reply-from` podría malinterpretar el cuerpo entrante al pasar un encabezado `ContentType: application/json; charset=utf-8`. • https://github.com/fastify/fastify-reply-from/releases/tag/v9.6.0 https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-v2v2-hph8-q5xp • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46836 – x86: BTC/SRSO fixes not fully effective
https://notcve.org/view.php?id=CVE-2023-46836
The fixes for XSA-422 (Branch Type Confusion) and XSA-434 (Speculative Return Stack Overflow) are not IRQ-safe. ... Las correcciones para XSA-422 (Branch Type Confusion) y XSA-434 (Speculative Return Stack Overflow) no son seguras para IRQ. • https://xenbits.xenproject.org/xsa/advisory-446.html •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51428
https://notcve.org/view.php?id=CVE-2023-51428
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak. Algunos productos Honor se ven afectados por una vulnerabilidad de confusión de tipos; una explotación exitosa podría provocar una fuga de información. • https://www.hihonor.com/global/security/cve-2023-51428 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51427
https://notcve.org/view.php?id=CVE-2023-51427
Some Honor products are affected by type confusion vulnerability, successful exploitation could cause information leak. Algunos productos Honor se ven afectados por una vulnerabilidad de confusión de tipos; una explotación exitosa podría provocar una fuga de información. • https://www.hihonor.com/global/security/cve-2023-51427 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •