CVSS: 6.5EPSS: %CPEs: -EXPL: 0CVE-2025-20693
https://notcve.org/view.php?id=CVE-2025-20693
08 Jul 2025 — This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: %CPEs: -EXPL: 0CVE-2025-20692
https://notcve.org/view.php?id=CVE-2025-20692
08 Jul 2025 — This could lead to local information disclosure with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: %CPEs: -EXPL: 0CVE-2025-20691
https://notcve.org/view.php?id=CVE-2025-20691
08 Jul 2025 — This could lead to local information disclosure with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: %CPEs: -EXPL: 0CVE-2025-20690
https://notcve.org/view.php?id=CVE-2025-20690
08 Jul 2025 — This could lead to local information disclosure with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: %CPEs: -EXPL: 0CVE-2025-20689
https://notcve.org/view.php?id=CVE-2025-20689
08 Jul 2025 — This could lead to local information disclosure with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: %CPEs: -EXPL: 0CVE-2025-20688
https://notcve.org/view.php?id=CVE-2025-20688
08 Jul 2025 — This could lead to local information disclosure with User execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/July-2025 • CWE-125: Out-of-bounds Read •
CVSS: 4.1EPSS: %CPEs: 1EXPL: 0CVE-2025-42965 – Server Side Request Forgery(SSRF) vulnerability in SAP BusinessObjects BI Platform Central Management Console Promotion Management Application
https://notcve.org/view.php?id=CVE-2025-42965
08 Jul 2025 — Successful exploitation may lead to information disclosure. • https://me.sap.com/notes/3598118 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: -EPSS: %CPEs: -EXPL: 0CVE-2025-6044 – Stylus tools appearing after Lock Screen allowing Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2025-6044
07 Jul 2025 — An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on Lenovo devices allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen capture feature. Una vulnerabilidad de control de acceso inadecuado en el componente Stylus Tools de Google ChromeOS versión 16238.64.0 en dispositivos Lenovo permite a un atacante físico eludir la pantalla de bloqueo y acceder a los archi... • https://issues.chromium.org/issues/b/421184743 •
CVSS: -EPSS: %CPEs: 3EXPL: 0CVE-2025-53498 – Lack of Audit Logging in AbuseFilter
https://notcve.org/view.php?id=CVE-2025-53498
07 Jul 2025 — : Insufficient Logging vulnerability in Wikimedia Foundation Mediawiki - AbuseFilter Extension allows Data Leakage Attacks.This issue affects Mediawiki - AbuseFilter Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, from 1.43.X before 1.43.2. • https://gerrit.wikimedia.org/r/c/mediawiki/extensions/AbuseFilter/+/1166844 • CWE-778: Insufficient Logging •
CVSS: 3.1EPSS: %CPEs: 7EXPL: 0CVE-2025-20325 – Sensitive Information Disclosure in the SHCConfig logging channel in Clustered Deployments in Splunk Enterprise
https://notcve.org/view.php?id=CVE-2025-20325
07 Jul 2025 — In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.113, and 9.2.2406.119, the software potentially exposes the search head cluster [splunk.secret](https://help.splunk.com/en/splunk-enterprise/administer/manage-users-and-security/9.4/install-splunk-enterprise-securely/deploy-secure-passwords-across-multiple-servers) key. This exposure could happen if you have a Search Head cluster and you configure the Splunk Enterprise `SHCCon... • https://advisory.splunk.com/advisories/SVD-2025-0709 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •