CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28043
https://notcve.org/view.php?id=CVE-2023-28043
Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade path. • https://www.dell.com/support/kbdoc/en-us/000214205/dsa-2023-164-dell-secure-connect-gateway-security-update-for-multiple-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-2977 – opensc: buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package
https://notcve.org/view.php?id=CVE-2023-2977
Further info leak or more damage is possible. • https://access.redhat.com/security/cve/CVE-2023-2977 https://bugzilla.redhat.com/show_bug.cgi?id=2211088 https://github.com/OpenSC/OpenSC/issues/2785 https://github.com/OpenSC/OpenSC/pull/2787 https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FJD4Q4AJSGE5UIJI7OUYZY4HGGCVYQNI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LAR54OV6EHA56B4XJF6RNPQ4HJ2ITU66 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 27EXPL: 0CVE-2022-35758 – Windows Kernel Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-35758
Windows Kernel Memory Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35758 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33979 – gpt_academic's Configuration File vulnerable to File Information Disclosure
https://notcve.org/view.php?id=CVE-2023-33979
The manipulation of the argument file leads to information disclosure. Since no sensitive files are configured to be off-limits, sensitive information files in some working directories can be read through the `/file` route, leading to sensitive information leakage. • https://github.com/binary-husky/gpt_academic/commit/1dcc2873d2168ad2d3d70afcb453ac1695fbdf02 https://github.com/binary-husky/gpt_academic/security/advisories/GHSA-pg65-p24m-wf5g • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3006 – RHEL: Add Spectre-BHB mitigation for AmpereOne
https://notcve.org/view.php?id=CVE-2023-3006
This issue leads to information disclosure. • https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/commit/?id=0e5d5ae837c8 https://access.redhat.com/security/cve/CVE-2023-3006 https://bugzilla.redhat.com/show_bug.cgi?id=2141026 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer CWE-226: Sensitive Information in Resource Not Removed Before Reuse •