
CVSS: 2.7 • EPSS: % • CPEs: - • EXPL: 0

10 Dec 2025 — This vulnerability allows information disclosure of sensitive role metadata via insufficient authorization checks on the /admin/realms/{realm}/roles endpoint. • https://access.redhat.com/security/cve/CVE-2025-14082 • CWE-284: Improper Access Control

CVSS: 8.7 • EPSS: % • CPEs: 1 • EXPL: 1

09 Dec 2025 — OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive files by exploiting directory listing functionality. • https://www.vulncheck.com/advisories/openbmcs-directory-listing-information-disclosure • CWE-548: Exposure of Information Through Directory Listing

CVSS: 7.1 • EPSS: % • CPEs: 4 • EXPL: 0

09 Dec 2025 — Improper access control in Windows Camera Frame Server Monitor allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62570 • CWE-284: Improper Access Control

CVSS: 4.4 • EPSS: % • CPEs: 7 • EXPL: 0

09 Dec 2025 — Out-of-bounds read in Windows Defender Firewall Service allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62468 • CWE-125: Out-of-bounds Read

CVSS: 6.5 • EPSS: % • CPEs: 10 • EXPL: 0

09 Dec 2025 — Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64670 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 6.5 • EPSS: % • CPEs: 24 • EXPL: 0

09 Dec 2025 — Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-62473 • CWE-126: Buffer Over-read

CVSS: 8.8 • EPSS: % • CPEs: - • EXPL: 0

09 Dec 2025 — A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. • https://nvd.nist.gov/vuln/detail/CVE-2025-33214 • CWE-502: Deserialization of Untrusted Data

CVSS: 8.8 • EPSS: % • CPEs: - • EXPL: 0

09 Dec 2025 — A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering. • https://nvd.nist.gov/vuln/detail/CVE-2025-33213 • CWE-502: Deserialization of Untrusted Data

CVSS: 6.5 • EPSS: % • CPEs: 2 • EXPL: 0

09 Dec 2025 — An improper access control vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2, FortiSOAR PaaS 7.5.0 through 7.5.1, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow information disclosure to an authenticated attacker via crafted requests. • https://fortiguard.fortinet.com/psirt/FG-IR-25-601 • CWE-284: Improper Access Control

CVSS: 6.2 • EPSS: % • CPEs: 2 • EXPL: 0

09 Dec 2025 — Successful exploitation of this vulnerability will lead to possible information disclosure or escalation of privilege and impact Confidentiality. • https://github.com/tianocore/edk2/security/advisories/GHSA-q2c6-37h5-7cwf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor