CVE-2023-41186 – D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-41186
D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability. • https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10351 https://www.zerodayinitiative.com/advisories/ZDI-23-1323 • CWE-306: Missing Authentication for Critical Function •
CVE-2023-41050 – Information disclosure through Python's "format" functionality in Zope AccessControl
https://notcve.org/view.php?id=CVE-2023-41050
This can lead to critical information disclosure. • https://github.com/zopefoundation/AccessControl/commit/6bc32692e0d4b8d5cf64eae3d19de987c7375bc9 https://github.com/zopefoundation/AccessControl/security/advisories/GHSA-8xv7-89vj-q48c • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-4244 – Use-after-free in Linux kernel's netfilter: nf_tables component
https://notcve.org/view.php?id=CVE-2023-4244
This flaw allows a local attacker to crash the system due to a missing call to `nft_set_elem_mark_busy`, causing double deactivation of the element and possibly leading to a kernel information leak problem. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3e91b0ebd994635df2346353322ac51ce84ce6d8 https://kernel.dance/3e91b0ebd994635df2346353322ac51ce84ce6d8 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://access.redhat.com/security/cve/CVE-2023-4244 https://bugzilla.redhat.com/show_bug.cgi?id=2235306 • CWE-416: Use After Free •
CVE-2021-36060 – Adobe Media Encoder MPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-36060
Adobe Media Encoder version 15.2 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/media-encoder/apsb21-43.html • CWE-125: Out-of-bounds Read •
CVE-2023-4485 – ARDEREG Sistemas SCADA SQL Injection
https://notcve.org/view.php?id=CVE-2023-4485
In this case, the vulnerability could allow an attacker to execute arbitrary SQL queries through the login page, potentially leading to unauthorized access, data leakage, or even disruption of critical industrial processes. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-01 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •