CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-3247 – Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP
https://notcve.org/view.php?id=CVE-2023-3247
A vulnerability was found in PHP where the weak randomness affects applications that use SOAP with HTTP Digest authentication against a possibly malicious server over HTTP allows a remote authenticated attackers to cause a stack information leak. • https://github.com/php/php-src/security/advisories/GHSA-76gg-c692-v2mw https://access.redhat.com/security/cve/CVE-2023-3247 https://bugzilla.redhat.com/show_bug.cgi?id=2219290 • CWE-252: Unchecked Return Value CWE-330: Use of Insufficiently Random Values CWE-334: Small Space of Random Values •
CVSS: 6.2EPSS: 0%CPEs: 134EXPL: 0CVE-2023-21624 – Information Exposure in DSP Services
https://notcve.org/view.php?id=CVE-2023-21624
Information disclosure in DSP Services while loading dynamic module. • https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.4EPSS: 0%CPEs: 9EXPL: 0CVE-2023-20748
https://notcve.org/view.php?id=CVE-2023-20748
This could lead to local information disclosure with System execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2023 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-25522
https://notcve.org/view.php?id=CVE-2023-25522
A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5461 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-25521
https://notcve.org/view.php?id=CVE-2023-25521
A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5461 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •