CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24689 – WordPress Import and export users and customers plugin 1.27.12 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-24689
27 Jan 2025 — Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in codection Import and export users and customers allows Retrieve Embedded Sensitive Data. ... The Import and export users and customers plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.27.12. • https://patchstack.com/database/wordpress/plugin/import-users-from-csv-with-meta/vulnerability/wordpress-import-and-export-users-and-customers-plugin-1-27-12-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 4.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38009 – IBM Cognos Analytics Mobile information disclosure
https://notcve.org/view.php?id=CVE-2023-38009
26 Jan 2025 — IBM Cognos Mobile Client 1.1 iOS may be vulnerable to information disclosure through man in the middle techniques due to the lack of certificate pinning. • https://www.ibm.com/support/pages/node/7172691 • CWE-295: Improper Certificate Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50946 – IBM Common Licensing information disclosure
https://notcve.org/view.php?id=CVE-2023-50946
26 Jan 2025 — IBM Common Licensing 9.0 could allow an authenticated user to modify a configuration file that they should not have access to due to a broken authorization mechanism. • https://www.ibm.com/support/pages/node/7161947 • CWE-863: Incorrect Authorization •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50945 – IBM Common Licensing information disclosure
https://notcve.org/view.php?id=CVE-2023-50945
26 Jan 2025 — IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local user. • https://www.ibm.com/support/pages/node/7161947 • CWE-256: Plaintext Storage of a Password •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31906 – IBM Automation Decision Services information disclosure
https://notcve.org/view.php?id=CVE-2024-31906
26 Jan 2025 — IBM Automation Decision Services 23.0.2 allows web pages to be stored locally which can be read by another user on the system. • https://www.ibm.com/support/pages/node/7150662 • CWE-525: Use of Web Browser Cache Containing Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-35144 – IBM Maximo Application Suite information disclosure
https://notcve.org/view.php?id=CVE-2024-35144
25 Jan 2025 — IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the web server that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7174953 • CWE-540: Inclusion of Sensitive Information in Source Code •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-35134 – IBM Analytics Content Hub information disclosure
https://notcve.org/view.php?id=CVE-2024-35134
25 Jan 2025 — IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7172787 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38271 – IBM Cloud Pak System information disclosure
https://notcve.org/view.php?id=CVE-2023-38271
25 Jan 2025 — IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could allow an authenticated user to obtain sensitive information from log files. IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could allow an authenticated user to obtain sensitive information from log files. • https://www.ibm.com/support/pages/node/7159533 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38713 – IBM Cloud Pak System information disclosure
https://notcve.org/view.php?id=CVE-2023-38713
25 Jan 2025 — IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could disclose sensitive information about the system that could aid in further attacks against the system. IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could disclose sensitive information about the system that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7159533 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38714 – IBM Cloud Pak System information disclosure
https://notcve.org/view.php?id=CVE-2023-38714
25 Jan 2025 — IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could disclose sensitive information about the system that could aid in further attacks against the system. IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, and 2.3.3.7 iFix1 could disclose sensitive information about the system that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7159533 • CWE-209: Generation of Error Message Containing Sensitive Information •