CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4098 – Multiple vulnerabilities in IDM Sistemas QSige
https://notcve.org/view.php?id=CVE-2023-4098
It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-idm-sistemas-qsige • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.1EPSS: 0%CPEs: 172EXPL: 0CVE-2023-28571 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-28571
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 8.2EPSS: 0%CPEs: 476EXPL: 0CVE-2023-24849 – Buffer Over-read in Data Modem
https://notcve.org/view.php?id=CVE-2023-24849
Information Disclosure in data Modem while parsing an FMTP line in an SDP message. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 8.2EPSS: 0%CPEs: 488EXPL: 0CVE-2023-24848 – Buffer Over-read in Data Modem
https://notcve.org/view.php?id=CVE-2023-24848
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. • https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin • CWE-126: Buffer Over-read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2487 – WordPress WP Ultimate Exporter Plugin <= 2.4.1 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-2487
This can allow unauthenticated attackers to extract sensitive data from accessible log files which can contain information from posts, pages, users, comments, and more. • https://patchstack.com/database/vulnerability/wp-ultimate-exporter/wordpress-export-all-posts-products-orders-refunds-users-plugin-2-2-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •