CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-29261 – IBM Sterling Secure Proxy information disclosure
https://notcve.org/view.php?id=CVE-2023-29261
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139. IBM Sterling Secure Proxy v6.0.3 y v6.1.0 podrían permitir a un usuario local con información específica sobre el sistema obtener información privilegiada debido a una limpieza inadecuada de la memoria durante las operaciones. ID de IBM X-Force: 252139. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252139 https://https://www.ibm.com/support/pages/node/7029765 https://www.ibm.com/support/pages/node/7029765 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41735 – WordPress Email posts to subscribers Plugin <= 6.2 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-41735
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gopi Ramasamy Email posts to subscribers.This issue affects Email posts to subscribers: from n/a through 6.2. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en publicaciones de correo electrónico de Gopi Ramasamy para suscriptores. Este problema afecta las publicaciones de correo electrónico para suscriptores: desde n/a hasta 6.2. The Email posts to subscribers for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the elp_plugin_parse_request() function in versions up to, and including 6.2. This makes it possible for unauthenticated attackers to invoke additional functions and export the email addresses of subscribers. • https://patchstack.com/database/vulnerability/email-posts-to-subscribers/wordpress-email-posts-to-subscribers-plugin-6-2-sensitive-data-exposure? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-32338 – IBM Sterling Secure Proxy information disclosure
https://notcve.org/view.php?id=CVE-2023-32338
IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585. IBM Sterling Secure Proxy e IBM Sterling External Authentication Server v6.0.3 y v6.1.0 almacenan credenciales de usuario en texto claro que puede leer un usuario local con acceso al contenedor. IBM X-Force ID: 255585. • https://exchange.xforce.ibmcloud.com/vulnerabilities/255585 https://https://www.ibm.com/support/pages/node/7029765 https://www.ibm.com/support/pages/node/7029765 https://www.ibm.com/support/pages/node/7029766 • CWE-522: Insufficiently Protected Credentials •
CVSS: 4.4EPSS: 0%CPEs: 35EXPL: 0CVE-2023-32817
https://notcve.org/view.php?id=CVE-2023-32817
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 35EXPL: 0CVE-2023-32816
https://notcve.org/view.php?id=CVE-2023-32816
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/September-2023 • CWE-125: Out-of-bounds Read •