CVSS: 7.5EPSS: 18%CPEs: 1EXPL: 0CVE-2023-20889 – VMware Aria Operations for Networks exportPDF Code Injection Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-20889
Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure. This vulnerability allows remote attackers to disclose sensitive information on affected installations of VMware Aria Operations for Networks. • https://www.vmware.com/security/advisories/VMSA-2023-0012.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-20884
https://notcve.org/view.php?id=CVE-2023-20884
VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure. • https://www.vmware.com/security/advisories/VMSA-2023-0011.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-20870 – VMware Workstation UHCI Component Uninitialized Variable Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-20870
VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. • https://www.vmware.com/security/advisories/VMSA-2023-0008.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-0198
https://notcve.org/view.php?id=CVE-2023-0198
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://security.gentoo.org/glsa/202310-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-0192
https://notcve.org/view.php?id=CVE-2023-0192
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer handler, where improper privilege management can lead to escalation of privileges and information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 • CWE-269: Improper Privilege Management •