CVE-2023-32275
https://notcve.org/view.php?id=CVE-2023-32275
An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753 https://www.softether.org/9-about/News/904-SEVPN202301 • CWE-201: Insertion of Sensitive Information Into Sent Data CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2023-31192
https://notcve.org/view.php?id=CVE-2023-31192
An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1768 https://www.softether.org/9-about/News/904-SEVPN202301 • CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource •
CVE-2023-27315 – Information Disclosure Vulnerability in SnapGathers
https://notcve.org/view.php?id=CVE-2023-27315
SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext domain user credentials Las versiones de SnapGathers anteriores a la 4.9 son susceptibles a una vulnerabilidad que podría permitir a un atacante local autenticado descubrir credenciales de usuario de dominio en texto plano. • https://security.netapp.com/advisory/ntap-20231009-0002 • CWE-256: Plaintext Storage of a Password CWE-522: Insufficiently Protected Credentials •
CVE-2023-35661
https://notcve.org/view.php?id=CVE-2023-35661
This could lead to remote information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2023-10-01 • CWE-125: Out-of-bounds Read •
CVE-2023-35653
https://notcve.org/view.php?id=CVE-2023-35653
This could lead to local information disclosure with System execution privileges needed. • https://source.android.com/security/bulletin/pixel/2023-10-01 • CWE-863: Incorrect Authorization •