CVE-2023-38830
https://notcve.org/view.php?id=CVE-2023-38830
An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module. • https://medium.com/%40milfortutz/multiple-vulnerabilities-in-phpjabbers-part-2-4fa5e2ccfe2e https://www.phpjabbers.com/yacht-listing-script • CWE-668: Exposure of Resource to Wrong Sphere
CVE-2023-24471 – Information disclosure via the debug function in assertions in Guardian/CMC before 22.6.2
https://notcve.org/view.php?id=CVE-2023-24471
An access control vulnerability was found, due to the restrictions that are applied on actual assertions not being enforced in their debug functionality. An authenticated user with reduced visibility can obtain unauthorized information via the debug functionality, obtaining data that would normally be not accessible in the Query and Assertions functions. • https://security.nozominetworks.com/NN-2023:5-01 • CWE-863: Incorrect Authorization
CVE-2023-38213 – ZDI-CAN-21094: Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-38213
Adobe Dimension version 3.4.9 is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. • https://helpx.adobe.com/security/products/dimension/apsb23-44.html • CWE-125: Out-of-bounds Read
CVE-2023-39482 – Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-39482
Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability. • https://www.zerodayinitiative.com/advisories/ZDI-23-1064 • CWE-321: Use of Hard-coded Cryptographic Key
CVE-2023-39209
https://notcve.org/view.php?id=CVE-2023-39209
Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-20: Improper Input Validation • CWE-449: The UI Performs the Wrong Action