CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-26401 – ZDI-CAN-20278: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-26401
Crafted data in a USD file can trigger a read past the end of an allocated buffer. • https://helpx.adobe.com/security/products/dimension/apsb23-27.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-26403 – ZDI-CAN-20259: Adobe Substance 3D Stager USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-26403
The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. • https://helpx.adobe.com/security/products/substance3d_stager/apsb23-26.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-26404 – ZDI-CAN-20143: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-26404
Crafted data in a USD file can trigger a read past the end of an allocated buffer. • https://helpx.adobe.com/security/products/dimension/apsb23-27.html • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27703
https://notcve.org/view.php?id=CVE-2023-27703
The Android version of pikpak v1.29.2 was discovered to contain an information leak via the debug interface. • https://github.com/happy0717/CVE-2023-27703 https://drive.google.com/drive/folders/1Szu9pjivVtG93ceECvnoAjeSABVyfDES?usp=sharing •
CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 3CVE-2023-22620 – SecurePoint UTM 12.x Session ID Leak
https://notcve.org/view.php?id=CVE-2023-22620
The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. • http://packetstormsecurity.com/files/171924/SecurePoint-UTM-12.x-Session-ID-Leak.html http://seclists.org/fulldisclosure/2023/Apr/7 https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2023-22620.txt https://rcesecurity.com • CWE-863: Incorrect Authorization •