CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0909 – PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-0909
31 Jan 2025 — PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. • https://www.zerodayinitiative.com/advisories/ZDI-25-064 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0911 – PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-0911
31 Jan 2025 — PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. • https://www.zerodayinitiative.com/advisories/ZDI-25-066 • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0142 – Zoom Jenkins Marketplace plugin - Cleartext Storage of Sensitive Information
https://notcve.org/view.php?id=CVE-2025-0142
30 Jan 2025 — Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version 1.4 may allow an authenticated user to conduct a disclosure of information via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-25001 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24784 – kubewarden-controller has an Information leak via AdmissionPolicyGroup Resource
https://notcve.org/view.php?id=CVE-2025-24784
30 Jan 2025 — This could allow an attacker to obtain information about resources that are out of their reach, by leveraging a higher access to the cluster granted to the ServiceAccount token used to run the policy. • https://github.com/kubewarden/kubewarden-controller/commit/51a88dfbb4c090ce0f76a22d98106518e0824d0b • CWE-285: Improper Authorization •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22222 – VMware Aria Operations information disclosure vulnerability (CVE-2025-22222)
https://notcve.org/view.php?id=CVE-2025-22222
30 Jan 2025 — VMware Aria Operations contains an information disclosure vulnerability. ... VMware Aria Operations contains an information disclosure vulnerability. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329 •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22218 – VMware Aria Operations for Logs information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2025-22218
30 Jan 2025 — VMware Aria Operations for Logs contains an information disclosure vulnerability. A malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated with VMware Aria Operations for Logs VMware Aria Operations for Logs contains an information disclosure vulnerability. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329 •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35907 – IBM Aspera Faspex information disclosure
https://notcve.org/view.php?id=CVE-2023-35907
29 Jan 2025 — IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. • https://www.ibm.com/support/pages/node/7181814 • CWE-521: Weak Password Requirements •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37413 – IBM Aspera Faspex information disclosure
https://notcve.org/view.php?id=CVE-2023-37413
29 Jan 2025 — IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an observable response discrepancy. • https://www.ibm.com/support/pages/node/7181814 • CWE-204: Observable Response Discrepancy •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37398 – IBM Aspera Faspex information disclosure
https://notcve.org/view.php?id=CVE-2023-37398
29 Jan 2025 — IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. • https://www.ibm.com/support/pages/node/7181814 • CWE-521: Weak Password Requirements •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0762 – Debian Security Advisory 5855-1
https://notcve.org/view.php?id=CVE-2025-0762
29 Jan 2025 — (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_28.html • CWE-416: Use After Free •