CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27938 – Apple GarageBand MIDI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-27938
Crafted data in a MIDI file can trigger a read past the end of an allocated data structure. • https://support.apple.com/en-us/HT213650 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1524 – Download Manager < 3.2.71 - Broken Access Controls
https://notcve.org/view.php?id=CVE-2023-1524
The Download Manager plugin for WordPress is vulnerable to information disclosure in versions up to, and including, 3.2.7.0, due to insufficient validation of passwords on password protected files. • https://wpscan.com/vulnerability/3802d15d-9bfd-4762-ab8a-04475451868e • CWE-285: Improper Authorization •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-43877 – IBM UrbanCode Deploy (UCD) information disclosure
https://notcve.org/view.php?id=CVE-2022-43877
IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information during a manual edit of the agentrelay.properties file. IBM X-Force ID: 240148. • https://exchange.xforce.ibmcloud.com/vulnerabilities/240148 https://www.ibm.com/support/pages/node/6967351 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22313 – IBM QRadar Data Synchronization App information disclosure
https://notcve.org/view.php?id=CVE-2022-22313
IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://exchange.xforce.ibmcloud.com/vulnerabilities/217370 https://www.ibm.com/support/pages/node/6980797 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0CVE-2023-1859
https://notcve.org/view.php?id=CVE-2023-1859
This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak. • https://lore.kernel.org/all/20230313090002.3308025-1-zyytlz.wz%40163.com • CWE-416: Use After Free •