
CVE-2025-24813 – Apache Tomcat Path Equivalence Vulnerability
https://notcve.org/view.php?id=CVE-2025-24813
10 Mar 2025 — Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. • https://packetstorm.news/files/id/189826 • CWE-44: Path Equivalence: 'file.name' (Internal Dot) CWE-502: Deserialization of Untrusted Data •

CVE-2024-52905 – IBM Sterling B2B Integrator information disclosure
https://notcve.org/view.php?id=CVE-2024-52905
10 Mar 2025 — IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 could disclose sensitive database information to a privileged user. • https://www.ibm.com/support/pages/node/7185264 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVE-2024-47109 – IBM Sterling File Gateway information disclosure
https://notcve.org/view.php?id=CVE-2024-47109
10 Mar 2025 — IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclose the installation path of the server which could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7185259 • CWE-522: Insufficiently Protected Credentials •

CVE-2024-51476 – IBM Concert Software information disclosure
https://notcve.org/view.php?id=CVE-2024-51476
06 Mar 2025 — IBM Concert Software 1.0.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. • https://www.ibm.com/support/pages/node/7184961 • CWE-307: Improper Restriction of Excessive Authentication Attempts •

CVE-2025-1696 – Exposure of Proxy Credentials in Docker Desktop Logs
https://notcve.org/view.php?id=CVE-2025-1696
06 Mar 2025 — A vulnerability exists in Docker Desktop prior to version 4.39.0 that could lead to the unintentional disclosure of sensitive information via application logs. ... An attacker with read access to these logs could obtain the proxy information and leverage it for further attacks or unauthorized access. • https://docs.docker.com/desktop/settings-and-maintenance/settings/#proxies • CWE-532: Insertion of Sensitive Information into Log File •

CVE-2024-11035 – Carbon Black Cloud Windows Sensor Information Leak
https://notcve.org/view.php?id=CVE-2024-11035
05 Mar 2025 — Carbon Black Cloud Windows Sensor, prior to 4.0.3, may be susceptible to an Information Leak vulnerability, which is a type of issue whereby sensitive information may be exposed due to a vulnerability in software. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25472 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVE-2025-1923 – Debian Security Advisory 5875-1
https://notcve.org/view.php?id=CVE-2025-1923
05 Mar 2025 — (Chromium security severity: Low) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVE-2025-1922 – Debian Security Advisory 5875-1
https://notcve.org/view.php?id=CVE-2025-1922
05 Mar 2025 — (Chromium security severity: Low) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html • CWE-451: User Interface (UI) Misrepresentation of Critical Information •

CVE-2025-1921 – Debian Security Advisory 5875-1
https://notcve.org/view.php?id=CVE-2025-1921
05 Mar 2025 — Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to obtain information about a peripheral via a crafted HTML page. (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html • CWE-1230: Exposure of Sensitive Information Through Metadata •

CVE-2025-1919 – Debian Security Advisory 5875-1
https://notcve.org/view.php?id=CVE-2025-1919
05 Mar 2025 — (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html • CWE-125: Out-of-bounds Read •