CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2023-36905 – Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36905
Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36905 • CWE-125: Out-of-bounds Read •
CVSS: 5.6EPSS: 0%CPEs: 301EXPL: 1CVE-2023-20569 – amd: Return Address Predictor vulnerability leading to information disclosure
https://notcve.org/view.php?id=CVE-2023-20569
This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. ... This issue may result in speculative execution at an attacker-controlled instruction pointer register, potentially leading to information disclosure. • http://www.openwall.com/lists/oss-security/2023/08/08/4 http://xenbits.xen.org/xsa/advisory-434.html https://comsec.ethz.ch/research/microarch/inception https://lists.debian.org/debian-lts-announce/2023/08/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKKYIK2EASDNUV4I7EFJKNBVO3KCKGRR https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4E4TZNMLYL2KETY23IPA43QXFAVJ46V https://lists.fedoraproject.org/archives/list/pack • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39549 – Siemens Solid Edge Viewer DWG File Parsing Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-39549
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 2). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted DWG file. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19562) Se ha identificado una vulnerabilidad en Solid Edge SE2023 que afecta a la versiones inferiores a la V223.0 Update 2. La aplicación afectada contiene una vulnerabilidad use-after-free que podría ser activada al analizar un archivo DWG especialmente diseñado. • https://cert-portal.siemens.com/productcert/pdf/ssa-932528.pdf • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 86EXPL: 0CVE-2023-21647 – Improper Input Validation in Bluetooth HOST
https://notcve.org/view.php?id=CVE-2023-21647
Information disclosure in Bluetooth when an GATT packet is received due to improper input validation. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-20: Improper Input Validation •
CVSS: 8.2EPSS: 0%CPEs: 92EXPL: 0CVE-2023-21625 – Buffer Over-read in Network Services
https://notcve.org/view.php?id=CVE-2023-21625
Information disclosure in Network Services due to buffer over-read while the device receives DNS response. • https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •