CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38106 – Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-38106
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. ... The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. • https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-23-984 • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38110 – Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-38110
Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. ... The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-23-988 • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38109 – Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-38109
Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. ... The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • https://www.foxit.com/support/security-bulletins.html https://www.zerodayinitiative.com/advisories/ZDI-23-987 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 3CVE-2023-38499 – typo3/cms-core Information Disclosure due to Out-of-scope Site Resolution
https://notcve.org/view.php?id=CVE-2023-38499
TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters `id` and `L` allowed out-of-scope access to rendered content in the website frontend. For instance, this allowed visitors to access content of an internal site by adding handcrafted query parameters to the URL of a site that was publicly available. TYPO3 versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, 12.4.4 fix the problem. TYPO3 es un sistema de gestión de contenidos web de código abierto basado en PHP. • https://github.com/miguelc49/CVE-2023-38499-1 https://github.com/miguelc49/CVE-2023-38499-2 https://github.com/miguelc49/CVE-2023-38499-3 https://github.com/TYPO3/typo3/commit/702e2debd4b28f9cdb540544565fe6a8627ccb6a https://github.com/TYPO3/typo3/security/advisories/GHSA-jq6g-4v5m-wm9r https://typo3.org/security/advisory/typo3-core-sa-2023-003 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-3773 – Kernel: xfrm: out-of-bounds read of xfrma_mtimer_thresh nlattr
https://notcve.org/view.php?id=CVE-2023-3773
This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace. • https://access.redhat.com/errata/RHSA-2023:6583 https://access.redhat.com/security/cve/CVE-2023-3773 https://bugzilla.redhat.com/show_bug.cgi?id=2218944 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://www.debian.org/security/2023/dsa-5492 • CWE-125: Out-of-bounds Read •