CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2022-25731 – Incorrect Calculation of Buffer Size in MODEM
https://notcve.org/view.php?id=CVE-2022-25731
Information disclosure in modem due to buffer over-read while processing packets from DNS server • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-125: Out-of-bounds Read CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 8.2EPSS: 0%CPEs: 54EXPL: 0CVE-2022-25730 – Buffer Over-read in MODEM
https://notcve.org/view.php?id=CVE-2022-25730
Information disclosure in modem due to improper check of IP type while processing DNS server query • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 8.2EPSS: 0%CPEs: 52EXPL: 0CVE-2022-25726 – Buffer Over-read in MODEM
https://notcve.org/view.php?id=CVE-2022-25726
Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet • https://www.qualcomm.com/company/product-security/bulletins/april-2023-bulletin • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25057 – WordPress Libsyn Publisher Hub Plugin <= 1.3.2 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-25057
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Libsyn Libsyn Publisher Hub.This issue affects Libsyn Publisher Hub: from n/a through 1.3.2. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Libsyn Libsyn Publisher Hub. Este problema afecta a Libsyn Publisher Hub: desde n/a hasta 1.3.2. The Libsyn Publisher Hub plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.3.2 via its AJAX actions. This can allow unauthenticated attackers to extract sensitive data. • https://patchstack.com/database/vulnerability/libsyn-podcasting/wordpress-libsyn-publisher-hub-plugin-1-3-2-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 2CVE-2023-28834 – Full path of data directory exposed to Nextcloud server users
https://notcve.org/view.php?id=CVE-2023-28834
Nextcloud Server 24.0.0 until 24.0.6 and 25.0.0 until 25.0.4, as well as Nextcloud Enterprise Server 23.0.0 until 23.0.11, 24.0.0 until 24.0.6, and 25.0.0 until 25.0.4, have an information disclosure vulnerability. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-5w64-6c42-rgcv https://github.com/nextcloud/server/issues/33883 https://github.com/nextcloud/server/pull/36094 https://hackerone.com/reports/1690510 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •