CVE-2023-25057 – WordPress Libsyn Publisher Hub Plugin <= 1.3.2 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-25057
This can allow unauthenticated attackers to extract sensitive data. • https://patchstack.com/database/vulnerability/libsyn-podcasting/wordpress-libsyn-publisher-hub-plugin-1-3-2-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVE-2023-28834 – Full path of data directory exposed to Nextcloud server users
https://notcve.org/view.php?id=CVE-2023-28834
Nextcloud Server 24.0.0 until 24.0.6 and 25.0.0 until 25.0.4, as well as Nextcloud Enterprise Server 23.0.0 until 23.0.11, 24.0.0 until 24.0.6, and 25.0.0 until 25.0.4, have an information disclosure vulnerability. A user was able to get the full data directory path of the Nextcloud server from an API endpoint. • https://github.com/nextcloud/security-advisories/security/advisories/GHSA-5w64-6c42-rgcv https://github.com/nextcloud/server/issues/33883 https://github.com/nextcloud/server/pull/36094 https://hackerone.com/reports/1690510 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVE-2023-1790 – SourceCodester Simple Task Allocation System index.php information disclosure
https://notcve.org/view.php?id=CVE-2023-1790
The manipulation of the argument page leads to information disclosure. ... Mittels dem Manipulieren des Arguments page mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/Pe4cefulSnow/CVE-Advisory/blob/main/uploadcve.md https://vuldb.com/?ctiid.224724 https://vuldb.com/?id.224724 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-0198
https://notcve.org/view.php?id=CVE-2023-0198
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://security.gentoo.org/glsa/202310-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2023-0195
https://notcve.org/view.php?id=CVE-2023-0195
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer driver nvlddmkm.sys, where an can cause CWE-1284, which may lead to hypothetical Information leak of unimportant data such as local variable data of the driver • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://security.gentoo.org/glsa/202310-02 • CWE-1284: Improper Validation of Specified Quantity in Input •