CVSS: -EPSS: %CPEs: 6EXPL: 0CVE-2025-21950 – drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl
https://notcve.org/view.php?id=CVE-2025-21950
01 Apr 2025 — In the Linux kernel, the following vulnerability has been resolved: drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl In the "pmcmd_ioctl" function, three memory objects allocated by kmalloc are initialized by "hcall_get_cpu_state", which are then copied to user space. • https://git.kernel.org/stable/c/3d679d5aec648f50e645702929890b9611998a0b •
CVSS: 5.3EPSS: %CPEs: -EXPL: 0CVE-2025-31842 – WordPress Viral Loops WP Integration Plugin <= 3.4.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31842
01 Apr 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in viralloops Viral Loops WP Integration allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/viral-loops-wp-integration/vulnerability/wordpress-viral-loops-wp-integration-plugin-3-4-0-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.3EPSS: %CPEs: -EXPL: 0CVE-2025-31832 – WordPress ACF City Selector plugin <= 1.16.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31832
01 Apr 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Beee ACF City Selector allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/acf-city-selector/vulnerability/wordpress-acf-city-selector-plugin-1-16-0-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.3EPSS: %CPEs: -EXPL: 0CVE-2025-31788 – WordPress AIO Performance Profiler, Monitor, Optimize, Compress & Debug plugin <= 1.2 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31788
01 Apr 2025 — Insertion of Sensitive Information into Log File vulnerability in smackcoders AIO Performance Profiler, Monitor, Optimize, Compress & Debug allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/all-in-one-performance-accelerator/vulnerability/wordpress-aio-performance-profiler-monitor-optimize-compress-debug-plugin-1-2-sensitive-data-exposure-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.1EPSS: %CPEs: 1EXPL: 0CVE-2025-30224 – MyDumper arbitrary file read issue
https://notcve.org/view.php?id=CVE-2025-30224
01 Apr 2025 — The MySQL C client library (libmysqlclient) allows authenticated remote actors to read arbitrary files from client systems via a crafted server response to LOAD LOCAL INFILE query, leading to sensitive information disclosure when clients connect to untrusted MySQL servers without explicitly disabling the local infile capability. • https://github.com/mydumper/mydumper/security/advisories/GHSA-r8qc-xp3g-c458 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-31001 – WordPress GTM Kit plugin <= 2.3.1 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31001
01 Apr 2025 — Debug Messages Revealing Unnecessary Information vulnerability in TLA Media GTM Kit allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/gtm-kit/vulnerability/wordpress-gtm-kit-plugin-2-3-1-sensitive-data-exposure-vulnerability? • CWE-1295: Debug Messages Revealing Unnecessary Information •
CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-30802 – WordPress Our Team Members plugin <= 2.2 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-30802
01 Apr 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPBean Our Team Members. • https://patchstack.com/database/wordpress/plugin/our-team-members/vulnerability/wordpress-our-team-members-plugin-2-2-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24182 – Apple macOS CoreText Font Glyphs Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24182
31 Mar 2025 — Processing a maliciously crafted font may result in the disclosure of process memory. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. • https://support.apple.com/en-us/122371 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24244 – Apple macOS AudioToolboxCore WAV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24244
31 Mar 2025 — Processing a maliciously crafted font may result in the disclosure of process memory. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. • https://support.apple.com/en-us/122371 •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24230 – Apple macOS MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24230
31 Mar 2025 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. • https://support.apple.com/en-us/122371 •