CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-39800
https://notcve.org/view.php?id=CVE-2021-39800
12 Apr 2022 — In ion_ioctl of ion-ioctl.c, there is a possible way to leak kernel head data due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/2022-04-01 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-27671
https://notcve.org/view.php?id=CVE-2022-27671
12 Apr 2022 — A CSRF token visible in the URL may possibly lead to information disclosure vulnerability. • https://launchpad.support.sap.com/#/notes/3130497 • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27667
https://notcve.org/view.php?id=CVE-2022-27667
12 Apr 2022 — Under certain conditions, SAP BusinessObjects Business Intelligence platform, Client Management Console (CMC) - version 430, allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure. • https://launchpad.support.sap.com/#/notes/3145769 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28308 – Bentley View 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28308
12 Apr 2022 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the c... • https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0003 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28309 – Bentley View 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28309
12 Apr 2022 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the c... • https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0003 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28312 – Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28312
12 Apr 2022 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitra... • https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0003 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28313 – Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28313
12 Apr 2022 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3DS files. Crafted data in a 3DS file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitra... • https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0003 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-28645 – Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-28645
12 Apr 2022 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN files. Crafted data in a DGN file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrar... • https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0004 • CWE-125: Out-of-bounds Read •
CVSS: 4.4EPSS: 0%CPEs: 18EXPL: 0CVE-2022-20079
https://notcve.org/view.php?id=CVE-2022-20079
11 Apr 2022 — This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/April-2022 • CWE-908: Use of Uninitialized Resource •
CVSS: 4.4EPSS: 0%CPEs: 65EXPL: 0CVE-2022-20076
https://notcve.org/view.php?id=CVE-2022-20076
11 Apr 2022 — This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/April-2022 • CWE-755: Improper Handling of Exceptional Conditions •