CVE-2023-29464 – Rockwell Automation FactoryTalk Linx Vulnerable to Denial-of-Service and Information Disclosure
https://notcve.org/view.php?id=CVE-2023-29464
Sending a size larger than the buffer size results in leakage of data from memory resulting in an information disclosure. • https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141040 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVE-2023-4562 – Information Disclosure, Information Tampering and Authentication Bypass Vulnerability in MELSEC-F Series main module
https://notcve.org/view.php?id=CVE-2023-4562
Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from the product or write malicious sequence programs or improper data in the product without authentication by sending illegitimate messages. Vulnerabilidad de autenticación incorrecta en los módulos principales de la serie MELSEC-F de Mitsubishi Electric Corporation permite que un atacante remoto no autenticado obtenga programas de secuencia del producto o escriba programas de secuencia maliciosos o datos inadecuados en el producto sin autenticación mediante el envío de mensajes ilegítimos. • https://jvn.jp/vu/JVNVU90509290 https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-13 https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-012_en.pdf • CWE-287: Improper Authentication •
CVE-2023-45834 – WordPress Libsyn Publisher Hub Plugin <= 1.4.4 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-45834
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Libsyn Libsyn Publisher Hub.This issue affects Libsyn Publisher Hub: from n/a through 1.4.4. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Libsyn Libsyn Publisher Hub. Este problema afecta a Libsyn Publisher Hub: desde n/a hasta 1.4.4. The Libsyn Publisher Hub plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.4. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/vulnerability/libsyn-podcasting/wordpress-libsyn-publisher-hub-plugin-1-4-4-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-32275
https://notcve.org/view.php?id=CVE-2023-32275
An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753 https://www.softether.org/9-about/News/904-SEVPN202301 • CWE-201: Insertion of Sensitive Information Into Sent Data CWE-668: Exposure of Resource to Wrong Sphere •
CVE-2023-31192
https://notcve.org/view.php?id=CVE-2023-31192
An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1768 https://www.softether.org/9-about/News/904-SEVPN202301 • CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource •