CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21267
https://notcve.org/view.php?id=CVE-2023-21267
This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/cb7e9c7549a2a076ec00db15e3da0d21b31b0b1c https://android.googlesource.com/platform/frameworks/base/+/cecddcd865f72d76f7aacb1cf4479365847299f9 https://android.googlesource.com/platform/frameworks/base/+/e205cd30e91d8eeadf562140c34c306ebf7d6394 https://source.android.com/security/bulletin/2024-04-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21265
https://notcve.org/view.php?id=CVE-2023-21265
This could lead to remote information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/system/ca-certificates/+/6065b4a4c7da9cc9ee01c2f6389575647d2724c4 https://source.android.com/security/bulletin/2023-08-01 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-31041
https://notcve.org/view.php?id=CVE-2023-31041
System password information could optionally be stored in cleartext, which might lead to possible information disclosure. • https://www.insyde.com/security-pledge/SA-2023047 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 4CVE-2023-3824 – Buffer overflow and overread in phar_dir_read()
https://notcve.org/view.php?id=CVE-2023-3824
A flaw was found in PHP that can lead to a buffer overflow and a stack information leak due to improper bounds checking within the phar_dir_read() function. • https://github.com/jhonnybonny/CVE-2023-3824 https://github.com/m1sn0w/CVE-2023-3824 https://github.com/Starla2u/CVE-2023-3824-PHP-to-RCE-LockBit-LEAK https://github.com/php/php-src/security/advisories/GHSA-jqcx-ccgc-xwhv https://lists.debian.org/debian-lts-announce/2023/09/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NBF77WN6DTVTY2RE73IGPYD6M4PIAWA https://security.netapp.com/advisory/ntap-20230825-0001 https://access.redhat.com& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32609
https://notcve.org/view.php?id=CVE-2023-32609
Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00932.html • CWE-284: Improper Access Control •