CVSS: 10.0EPSS: 1%CPEs: -EXPL: 0CVE-2025-2071 – OS Command Injection Vulnerability in FAST LTA Silent Brick WebUI
https://notcve.org/view.php?id=CVE-2025-2071
31 Mar 2025 — Successful exploitation could allow attackers to execute arbitrary commands on the affected system, potentially resulting in unauthorized access, data leakage, or full system compromise. • https://www.fast-lta.de/de/fast/silent-bricks-software-2-63 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-55895 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-55895
29 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7185450 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51477 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-51477
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy. • https://www.ibm.com/support/pages/node/7185058 • CWE-203: Observable Discrepancy •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7577 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-7577
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product. • https://www.ibm.com/support/pages/node/7185020 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43186 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-43186
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions. • https://www.ibm.com/support/pages/node/7184980 • CWE-256: Plaintext Storage of a Password •
CVSS: 2.0EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2922 – Netis WF-2404 BusyBox Shell cleartext storage
https://notcve.org/view.php?id=CVE-2025-2922
28 Mar 2025 — The manipulation leads to cleartext storage of sensitive information. ... The vendor was contacted early about this disclosure but did not respond in any way. ... Mit der Manipulation mit unbekannten Daten kann eine cleartext storage of sensitive information-Schwachstelle ausgenutzt werden. • https://scoozi.substack.com/p/hacking-a-netis-wf-2404-router-with • CWE-310: Cryptographic Issues CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-27001 – WordPress Shipmondo plugin <= 5.0.3 - Authenticated Arbitrary WordPress Option Disclosure vulnerability
https://notcve.org/view.php?id=CVE-2025-27001
28 Mar 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in Shipmondo Shipmondo – A complete shipping solution for WooCommerce allows Retrieve Embedded Sensitive Data.This issue affects Shipmondo – A complete shipping solution for WooCommerce: from n/a through 5.0.3. • https://patchstack.com/database/wordpress/plugin/pakkelabels-for-woocommerce/vulnerability/wordpress-shipmondo-a-complete-shipping-solution-for-woocommerce-plugin-5-0-3-authenticated-arbitrary-wordpress-option-disclosure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38272 – IBM Cloud Pak System information disclosure
https://notcve.org/view.php?id=CVE-2023-38272
27 Mar 2025 — IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 could allow a user with access to the network to obtain sensitive information from CLI arguments. • https://www.ibm.com/support/pages/node/7229212 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37405 – IBM Cloud Pak System information disclosure
https://notcve.org/view.php?id=CVE-2023-37405
27 Mar 2025 — IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 stores sensitive data in memory, that could be obtained by an unauthorized user. • https://www.ibm.com/support/pages/node/7229212 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-1998 – IBM UrbanCode Deploy (UCD) / IBM DevOps Deploy information disclosure
https://notcve.org/view.php?id=CVE-2025-1998
27 Mar 2025 — IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 stores potentially sensitive authentication token information in log files that could be read by a local user. • https://www.ibm.com/support/pages/node/7229034 • CWE-532: Insertion of Sensitive Information into Log File •