CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-26495 – Siemens Solid Edge Viewer DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-26495
Crafted data in a DWG file can trigger a read past the end of an allocated buffer. • https://www.opendesign.com/security-advisories • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1809 – Download Manager Pro < 6.3.0 - Unauthenticated Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2023-1809
This can allow unauthenticated attackers to retrieve the key and extract sensitive data contained in password protected package files. • https://wpscan.com/vulnerability/57f0a078-fbeb-4b05-8892-e6d99edb82c1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2023-1916
https://notcve.org/view.php?id=CVE-2023-1916
A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. • https://gitlab.com/libtiff/libtiff/-/issues/536 https://gitlab.com/libtiff/libtiff/-/issues/536%2C https://gitlab.com/libtiff/libtiff/-/issues/537 https://support.apple.com/kb/HT213844 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-43928 – IBM Db2 Mirror for i information disclosure
https://notcve.org/view.php?id=CVE-2022-43928
This means sensitive data could be visible in memory over an indefinite amount of time. IBM has addressed this issue by reducing the amount of time the sensitive data is visible in memory. • https://exchange.xforce.ibmcloud.com/vulnerabilities/241675 https://www.ibm.com/support/pages/node/6981113 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-34333 – IBM Sterling Order Management information disclosure
https://notcve.org/view.php?id=CVE-2022-34333
IBM Sterling Order Management 10.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 229698. • https://exchange.xforce.ibmcloud.com/vulnerabilities/229698 https://www.ibm.com/support/pages/node/6981917 • CWE-521: Weak Password Requirements •