
CVE-2025-2634 – Out of Bounds Read Vulnerability in NI LabVIEW when building font map
https://notcve.org/view.php?id=CVE-2025-2634
23 Jul 2025 — Out of bounds read vulnerability due to improper bounds checking in NI LabVIEW in fontmgr may result in information disclosure or arbitrary code execution. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-vulnerabilities-in-ni-labview.html • CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •

CVE-2025-2633 – Out of Bounds Read Vulnerability in NI LabVIEW when loading fonts
https://notcve.org/view.php?id=CVE-2025-2633
23 Jul 2025 — UDecStrToNum that may result in information disclosure or arbitrary code execution. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/out-of-bounds-read-vulnerabilities-in-ni-labview.html • CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •

CVE-2025-33020 – IBM Engineering Systems Design Rhapsody information disclosure
https://notcve.org/view.php?id=CVE-2025-33020
23 Jul 2025 — IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information without encryption that could allow an attacker to obtain highly sensitive information. • https://www.ibm.com/support/pages/node/7240374 • CWE-311: Missing Encryption of Sensitive Data •

CVE-2025-36062 – IBM Cognos Analytics Mobile (iOS) information disclosure
https://notcve.org/view.php?id=CVE-2025-36062
21 Jul 2025 — IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could be vulnerable to information exposure due to the use of unencrypted network traffic. • https://www.ibm.com/support/pages/node/7239635 • CWE-311: Missing Encryption of Sensitive Data •

CVE-2025-36106 – IBM Cognos Analytics Mobile (iOS) information disclosure
https://notcve.org/view.php?id=CVE-2025-36106
21 Jul 2025 — IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to view and modify information coming to and from the application which could then be used to access confidential information on the device or network by using a the deprecated or misconfigured AFNetworking library at runtime. • https://www.ibm.com/support/pages/node/7239635 • CWE-326: Inadequate Encryption Strength •

CVE-2025-36107 – IBM Cognos Analytics Mobile (iOS) information disclosure
https://notcve.org/view.php?id=CVE-2025-36107
21 Jul 2025 — IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to obtain sensitive information due to the cleartext transmission of data. • https://www.ibm.com/support/pages/node/7239635 • CWE-319: Cleartext Transmission of Sensitive Information •

CVE-2025-30477
https://notcve.org/view.php?id=CVE-2025-30477
21 Jul 2025 — A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure. • https://www.dell.com/support/kbdoc/en-us/000317419/dsa-2025-192-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVE-2025-36603
https://notcve.org/view.php?id=CVE-2025-36603
21 Jul 2025 — A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering. • https://www.dell.com/support/kbdoc/en-us/000345331/dsa-2025-277-security-update-for-dell-appsync-vulnerabilities • CWE-611: Improper Restriction of XML External Entity Reference •

CVE-2025-7974 – rocket.chat Incorrect Authorization Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-7974
21 Jul 2025 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of rocket.chat. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 3000 by default. The issue results from incorrect authorization. An attacker can leverage this vulnerability to disclose information in the context of the application. •

CVE-2025-44658
https://notcve.org/view.php?id=CVE-2025-44658
21 Jul 2025 — This may lead to remote code execution (RCE), information disclosure, or full system compromise. • https://gist.github.com/TPCchecker/c72eea7a3f89070dab7dfdbf7504b2d6 • CWE-434: Unrestricted Upload of File with Dangerous Type •