CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-7381 – Exposure of sensitive PHP information to an unauthorized control sphere in mautic/mautic images
https://notcve.org/view.php?id=CVE-2025-7381
09 Jul 2025 — ImpactThis is an information disclosure vulnerability originating from PHP's base image. ... ImpactThis is an information disclosure vulnerability originating from PHP's base image. • https://github.com/mautic/docker-mautic/security/advisories/GHSA-89jm-p7jf-x8jx • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1112 – IBM OpenPages with Watson information disclosure
https://notcve.org/view.php?id=CVE-2025-1112
09 Jul 2025 — IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated user to obtain sensitive information that should only be available to privileged users. • https://www.ibm.com/support/pages/node/7239151 • CWE-282: Improper Ownership Management •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2670 – IBM OpenPages information disclosure
https://notcve.org/view.php?id=CVE-2025-2670
09 Jul 2025 — IBM OpenPages 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points related to workflow feature of OpenPages. • https://www.ibm.com/support/pages/node/7239153 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 9.2EPSS: 0%CPEs: 1EXPL: 2CVE-2025-34084 – WordPress Total Upkeep (BoldGrid Backup) Plugin < 1.14.10 Unauthenticated Backup Disclosure
https://notcve.org/view.php?id=CVE-2025-34084
09 Jul 2025 — An unauthenticated information disclosure vulnerability exists in the WordPress Total Upkeep plugin (also known as BoldGrid Backup) prior to version 1.14.10. • https://plugins.trac.wordpress.org/changeset/2439376/boldgrid-backup • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-306: Missing Authentication for Critical Function •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2025-27369 – IBM OpenPages with Watson information disclosure
https://notcve.org/view.php?id=CVE-2025-27369
08 Jul 2025 — IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to information disclosure of sensitive information due to a weaker than expected security for certain REST end points used for the administration of OpenPages. • https://www.ibm.com/support/pages/node/7239155 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-49783 – IBM OpenPages with Watson information disclosure
https://notcve.org/view.php?id=CVE-2024-49783
08 Jul 2025 — IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data, they could exploit this vulnerability to use additional cryptographic methods to possibly extract the encrypted data. • https://www.ibm.com/support/pages/node/7239145 • CWE-329: Generation of Predictable IV with CBC Mode •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49784 – IBM OpenPages with Watson information disclosure
https://notcve.org/view.php?id=CVE-2024-49784
08 Jul 2025 — IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data with AES encryption and CBC mode. If an authenticated remote attacker with access to the database or a local attacker with access to server files could extract the encrypted data values they could exploit this weaker algorithm to use additional cryptographic methods to possibly extract the encrypted data. • https://www.ibm.com/support/pages/node/7239145 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-49718 – Microsoft SQL Server Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-49718
08 Jul 2025 — Use of uninitialized resource in SQL Server allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49718 • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 0CVE-2025-49684 – Windows Storage Port Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-49684
08 Jul 2025 — Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49684 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-49681 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-49681
08 Jul 2025 — Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49681 • CWE-125: Out-of-bounds Read •