CVSS: 7.1EPSS: 0%CPEs: 19EXPL: 0CVE-2022-34684 – Gentoo Linux Security Advisory 202310-02
https://notcve.org/view.php?id=CVE-2022-34684
30 Dec 2022 — NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5415 • CWE-125: Out-of-bounds Read CWE-193: Off-by-one Error •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-31708 – VMware vRealize Operations CaSA Improper Access Control Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-31708
16 Dec 2022 — VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4. This vulnerability allows remote attackers to disclose sensitive information on affected installations of VMware vRealize Operations. • https://www.vmware.com/security/advisories/VMSA-2022-0034.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31703 – VMware vRealize Network Insight downloadFile Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-31703
14 Dec 2022 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of VMware vRealize Network Insight. • https://www.vmware.com/security/advisories/VMSA-2023-0001.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.5EPSS: 0%CPEs: 70EXPL: 0CVE-2022-31697
https://notcve.org/view.php?id=CVE-2022-31697
13 Dec 2022 — The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. • https://www.vmware.com/security/advisories/VMSA-2022-0030.html • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 285EXPL: 0CVE-2022-31699
https://notcve.org/view.php?id=CVE-2022-31699
13 Dec 2022 — VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure. VMware ESXi contiene una vulnerabilidad de desbordamiento del heap. • https://www.vmware.com/security/advisories/VMSA-2022-0030.html • CWE-787: Out-of-bounds Write •
CVSS: 9.4EPSS: 2%CPEs: 2EXPL: 0CVE-2022-31678
https://notcve.org/view.php?id=CVE-2022-31678
28 Oct 2022 — VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure. VMware Cloud Foundation (NSX-V) contiene una vulnerabilidad de entidad externa XML (XXE). • https://www.vmware.com/security/advisories/VMSA-2022-0027.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.0EPSS: 6%CPEs: 1EXPL: 0CVE-2022-31673
https://notcve.org/view.php?id=CVE-2022-31673
09 Aug 2022 — VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. ... VMware vRealize Operations contiene una vulnerabilidad de divulgación de información. • https://www.vmware.com/security/advisories/VMSA-2022-0022.html •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31674
https://notcve.org/view.php?id=CVE-2022-31674
09 Aug 2022 — VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can access log files that lead to information disclosure. VMware vRealize Operations contiene una vulnerabilidad de divulgación de información. • https://www.vmware.com/security/advisories/VMSA-2022-0022.html • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.5EPSS: 0%CPEs: 264EXPL: 0CVE-2022-23825 – hw: cpu: AMD: Branch Type Confusion (non-retbleed)
https://notcve.org/view.php?id=CVE-2022-23825
14 Jul 2022 — Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. ... Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to information disclosure. • http://www.openwall.com/lists/oss-security/2022/11/08/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.5EPSS: 0%CPEs: 288EXPL: 0CVE-2022-29901 – Arbitrary Memory Disclosure through CPU Side-Channel Attacks (Retbleed)
https://notcve.org/view.php?id=CVE-2022-29901
12 Jul 2022 — Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. ... Non-transparent sharing of branch predictor targets between contexts in some Intel(R) processors may potentially allow an authorized user to enable information disclosure via local access. • https://www.secpod.com/blog/retbleed-intel-and-amd-processor-information-disclosure-vulnerability • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •