CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-22338
https://notcve.org/view.php?id=CVE-2023-22338
Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J7RNFPWOSFII2JE2KDRHPLJANZC3YATW https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L27GRS7E45IOCZ44VQX2NJ33GVRBWHBS https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TULYSWHC3X76AIGGMUSLBTWOXNND6IEV • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 142EXPL: 0CVE-2022-27879
https://notcve.org/view.php?id=CVE-2022-27879
Improper buffer restrictions in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html https://security.netapp.com/advisory/ntap-20230824-0001 • CWE-92: DEPRECATED: Improper Sanitization of Custom Special Characters CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 474EXPL: 0CVE-2022-38083
https://notcve.org/view.php?id=CVE-2022-38083
Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html https://security.netapp.com/advisory/ntap-20230824-0001 • CWE-665: Improper Initialization •
CVSS: 6.0EPSS: 0%CPEs: 31EXPL: 0CVE-2022-34657
https://notcve.org/view.php?id=CVE-2022-34657
Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access. • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00742.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40211 – WordPress Post Grid Plugin <= 2.2.50 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-40211
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en PPickPlugins Post Grid Combo – 36+ Gutenberg Blocks. Este problema afecta a Post Grid Combo – 36+ Gutenberg Blocks: desde n/a hasta 2.2.50. The Post Grid plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple REST API endpoints in versions up to, and including, 2.2.50. This makes it possible for unauthenticated attackers to expose sensitive inforamtion. • https://patchstack.com/database/vulnerability/post-grid/wordpress-post-grid-combo-plugin-2-2-50-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •