CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21991 – Oracle VirtualBox VGA MMIO Handling Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-21991
Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. ... The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • https://www.oracle.com/security-alerts/cpuapr2023.html •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21989 – Oracle VirtualBox OHCI USB Controller Uninitialized Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-21989
Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. • https://www.oracle.com/security-alerts/cpuapr2023.html •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21988 – Oracle VirtualBox GPA Request Handling Uninitialized Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-21988
Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. • https://www.oracle.com/security-alerts/cpuapr2023.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22307 – Site-Passwords in GET parameters
https://notcve.org/view.php?id=CVE-2023-22307
Sensitive data exposure in Webconf in Tribe29 Checkmk Appliance before 1.6.4 allows local attacker to retrieve passwords via reading log files. • https://checkmk.com/werk/9522 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-598: Use of GET Request Method With Sensitive Query Strings CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27909 – Microsoft Office Word FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-27909
An Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure. ... The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0004 • CWE-787: Out-of-bounds Write •