Page 381 of 10738 results (0.042 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

This could lead to remote information disclosure with baseband firmware compromise required. • https://source.android.com/security/bulletin/pixel/2023-10-01 • CWE-125: Out-of-bounds Read •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 1

This is an information leak. • https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY https://phabricator.wikimedia.org/T341529 •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

Adobe Bridge versions 12.0.4 (and earlier) and 13.0.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 12.0.4 (y anteriores) y 13.0.3 (y anteriores) de Adobe Bridge se ven afectadas por una vulnerabilidad Use After Free, que podría provocar la divulgación de memoria confidencial. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. • https://helpx.adobe.com/security/products/bridge/apsb23-49.html • CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

Adobe Bridge versions 12.0.4 (and earlier) and 13.0.3 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 12.0.4 (y anteriores) y 13.0.3 (y anteriores) de Adobe Bridge se ven afectadas por una vulnerabilidad de Lectura Fuera de los Límites que podría provocar la divulgación de memoria confidencial. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. • https://helpx.adobe.com/security/products/bridge/apsb23-49.html • CWE-125: Out-of-bounds Read •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 2

The WordPress File Sharing Plugin WordPress plugin before 2.0.5 does not check authorization before displaying files and folders, allowing users to gain access to those filed by manipulating IDs which can easily be brute forced El complemento WordPress File Sharing Plugin de WordPress anterior a 2.0.5 no verifica la autorización antes de mostrar archivos y carpetas, lo que permite a los usuarios obtener acceso a los archivados manipulando ID que pueden ser fácilmente forzados. The WordPress File Sharing Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to 2.0.5 (exclusive) via the upvf_pro_preview_file function due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to gain access to files and folders belonging to other users. • https://research.cleantalk.org/cve-2023-4836-user-private-files-idor-to-sensitive-data-and-private-files-exposure-leak-of-info-poc https://wpscan.com/vulnerability/c17f2534-d791-4fe3-b45b-875777585dc6 • CWE-639: Authorization Bypass Through User-Controlled Key •