Page 496 of 10613 results (0.046 seconds)

CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0

CVE-2023-3141 – kernel: Use after free bug in r592_remove

https://notcve.org/view.php?id=CVE-2023-3141

This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. ... This issue may allow a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63264422785021704c39b38f65a78ab9e4a186d7 https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw%40mail.gmail.com/t https://security.netapp.com/advisory/ntap-20230706-0004 https://access.redhat.com • CWE-416: Use After Free •

CVSS: 3.7EPSS: 0%CPEs: 14EXPL: 0

CVE-2023-33847 – IBM CICS TX information disclosure

https://notcve.org/view.php?id=CVE-2023-33847

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 257102. • https://exchange.xforce.ibmcloud.com/vulnerabilities/257102 https://www.ibm.com/support/pages/node/7001635 https://www.ibm.com/support/pages/node/7001641 https://www.ibm.com/support/pages/node/7001645 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-0691 – Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via mf_last_name shortcode

https://notcve.org/view.php?id=CVE-2023-0691

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_last_name' shortcode in versions up to, and including, 3.3.1. • https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078 https://plugins.trac.wordpress.org/changeset/2910040 https://www.wordfence.com/threat-intel/vulnerabilities/id/8fc4b815-dc05-4270-bf7a-3b01622739d7?source=cve • CWE-639: Authorization Bypass Through User-Controlled Key •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-34294 – Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Information Disclosure Vulnerability

https://notcve.org/view.php?id=CVE-2023-34294

Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Information Disclosure Vulnerability. • https://www.zerodayinitiative.com/advisories/ZDI-23-853 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2023-0694 – Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via mf shortcode

https://notcve.org/view.php?id=CVE-2023-0694

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf' shortcode in versions up to, and including, 3.3.1. • https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078 https://plugins.trac.wordpress.org/changeset/2910040 https://www.wordfence.com/threat-intel/vulnerabilities/id/1a8b194c-371f-4adc-98fa-8f4e47a38ee7?source=cve • CWE-639: Authorization Bypass Through User-Controlled Key •