CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-28198 – Apple Safari DFG Fixup Phase Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-28198
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution. Se ha solucionado un problema de use-after-free con una mejora en la gestión de memoria. Este problema se ha solucionado en iOS 16.4 y iPadOS 16.4, macOS Ventura 13.3. • http://www.openwall.com/lists/oss-security/2023/09/11/1 https://security.gentoo.org/glsa/202401-04 https://support.apple.com/en-us/HT213670 https://support.apple.com/en-us/HT213676 https://access.redhat.com/security/cve/CVE-2023-28198 https://bugzilla.redhat.com/show_bug.cgi?id=2238943 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-30950 – CVE-2023-30950
https://notcve.org/view.php?id=CVE-2023-30950
The foundry campaigns service was found to be vulnerable to an unauthenticated information disclosure in a rest endpoint • https://palantir.safebase.us/?tcuUid=d839709d-c50f-4a37-8faa-b0c35054418a • CWE-290: Authentication Bypass by Spoofing CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-25524
https://notcve.org/view.php?id=CVE-2023-25524
A successful exploit of this vulnerability may lead to information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5472 • CWE-598: Use of GET Request Method With Sensitive Query Strings •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22277
https://notcve.org/view.php?id=CVE-2023-22277
By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. • https://jvn.jp/en/vu/JVNVU92877622 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22314
https://notcve.org/view.php?id=CVE-2023-22314
By having a user open a specially crafted CXP file, information disclosure and/or arbitrary code execution may occur. • https://jvn.jp/en/vu/JVNVU92877622 • CWE-416: Use After Free •