CVE-2023-38421 – Apple macOS Hydra Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-38421
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. Processing a 3D model may result in disclosure of process memory. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the Hydra library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the Hydra framework. • https://support.apple.com/en-us/HT213843 https://support.apple.com/en-us/HT213844 •
CVE-2023-38671 – Heap buffer overflow in paddle.trace
https://notcve.org/view.php?id=CVE-2023-38671
This flaw can lead to a denial of service, information disclosure, or possibly more damage. • https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-003.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVE-2023-32468
https://notcve.org/view.php?id=CVE-2023-32468
Dell ECS Streamer, versions prior to 2.0.7.1, contain an insertion of sensitive information in log files vulnerability. A remote malicious high-privileged user could potentially exploit this vulnerability leading to exposure of this sensitive data. • https://www.dell.com/support/kbdoc/en-us/000215903/dsa-2023-254-security-update-for-dell-ecs-streamer-sensitive-data-exposure-vulnerability • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2023-20891 – VMware Tanzu Application Service for VMs and Isolation Segment information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2023-20891
The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. • https://www.vmware.com/security/advisories/VMSA-2023-0016.html • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2023-38115 – Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-38115
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. • https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-23-993 • CWE-125: Out-of-bounds Read •