CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31788 – WordPress AIO Performance Profiler, Monitor, Optimize, Compress & Debug plugin <= 1.2 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31788
01 Apr 2025 — Insertion of Sensitive Information into Log File vulnerability in smackcoders AIO Performance Profiler, Monitor, Optimize, Compress & Debug allows Retrieve Embedded Sensitive Data. ... This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/all-in-one-performance-accelerator/vulnerability/wordpress-aio-performance-profiler-monitor-optimize-compress-debug-plugin-1-2-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31832 – WordPress ACF City Selector plugin <= 1.16.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31832
01 Apr 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Beee ACF City Selector allows Retrieve Embedded Sensitive Data. ... This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/acf-city-selector/vulnerability/wordpress-acf-city-selector-plugin-1-16-0-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31842 – WordPress Viral Loops WP Integration Plugin <= 3.4.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31842
01 Apr 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in viralloops Viral Loops WP Integration allows Retrieve Embedded Sensitive Data. ... This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/viral-loops-wp-integration/vulnerability/wordpress-viral-loops-wp-integration-plugin-3-4-0-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 7.5EPSS: 1%CPEs: -EXPL: 1CVE-2003-20001 – Mitel mitel-cs018 - Call Data Information Disclosure
https://notcve.org/view.php?id=CVE-2003-20001
01 Apr 2025 — An issue was discovered on Mitel ICP VoIP 3100 devices. When a remote user attempts to log in via TELNET during the login wait time and an external call comes in, the system incorrectly divulges information about the call and any SMDR records generated by the system. The information provided includes the service type, extension number and other parameters, related to the call activity. • https://www.exploit-db.com/exploits/49176 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24182 – Apple macOS CoreText Font Glyphs Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24182
31 Mar 2025 — The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • https://support.apple.com/en-us/122371 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-24244 – Apple macOS AudioToolboxCore WAV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24244
31 Mar 2025 — The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • https://support.apple.com/en-us/122371 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24230 – Apple macOS MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24230
31 Mar 2025 — The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • https://support.apple.com/en-us/122371 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24210 – Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24210
31 Mar 2025 — The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. • https://support.apple.com/en-us/122371 • CWE-783: Operator Precedence Logic Error •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24256 – Apple macOS AppleIntelKBLGraphics Time-Of-Check Time-Of-Use Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24256
31 Mar 2025 — The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to disclose kernel memory. This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphics kext. he issue re... • https://support.apple.com/en-us/122373 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-31686 – Open Social - Less critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-015
https://notcve.org/view.php?id=CVE-2025-31686
31 Mar 2025 — Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10. • https://www.drupal.org/sa-contrib-2025-015 • CWE-862: Missing Authorization •