CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56495 – IBM EntireX information disclosure
https://notcve.org/view.php?id=CVE-2024-56495
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56811 – IBM EntireX information disclosure
https://notcve.org/view.php?id=CVE-2024-56811
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56493 – IBM EntireX information disclosure
https://notcve.org/view.php?id=CVE-2024-56493
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56494 – IBM EntireX information disclosure
https://notcve.org/view.php?id=CVE-2024-56494
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56812 – IBM EntireX information disclosure
https://notcve.org/view.php?id=CVE-2024-56812
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9334 – Information Disclosure in E-Kent's Pallium Vehicle Tracking
https://notcve.org/view.php?id=CVE-2024-9334
27 Feb 2025 — Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control vulnerability in E-Kent Pallium Vehicle Tracking allows Authentication Bypass.This issue affects Pallium Vehicle Tracking: before 17.10.2024. • https://www.usom.gov.tr/bildirim/tr-25-0044 • CWE-798: Use of Hard-coded Credentials CWE-921: Storage of Sensitive Data in a Mechanism without Access Control •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-25729
https://notcve.org/view.php?id=CVE-2025-25729
27 Feb 2025 — An information disclosure vulnerability in Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 allows attackers to obtain hardcoded cleartext credentials via the update or boot process. • https://gainsec.com/2025/02/27/cve-2025-25727cve-2025-25728cve-2025-25729-multiple-vulnerabilities-found-in-bosscomm-obd2-tablet • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49556 – KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak
https://notcve.org/view.php?id=CVE-2022-49556
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak For some sev ioctl interfaces, the length parameter that is passed maybe less than or equal to SEV_FW_BLOB_MAX_SIZE, but larger than the data that PSP firmware returns. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak For some sev ioctl interfaces... • https://git.kernel.org/stable/c/eaf78265a4ab33935d3a0f1407ce4a91aac4d4d5 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49235 – ath9k_htc: fix uninit value bugs
https://notcve.org/view.php?id=CVE-2022-49235
26 Feb 2025 — Based on firmware code, it will initialize it by itself, so simply zero whole array to make KMSAN happy Fail logs: BUG: KMSAN: kernel-usb-infoleak in usb_submit_urb+0x6c1/0x2aa0 drivers/usb/core/urb.c:430 usb_submit_urb+0x6c1/0x2aa0 drivers/usb/core/urb.c:430 hif_usb_send_regout drivers/net/wireless/ath/ath9k/hif_usb.c:127 [inline] hif_usb_send+0x5f0/0x16f0 drivers/net/wireless/ath/ath9k/hif_usb.c:479 htc_issue_send drivers/net/wireless/ath/ath9k/htc_hst.c:34 [inline] htc_connect_service+0x143... • https://git.kernel.org/stable/c/fb9987d0f748c983bb795a86f47522313f701a08 •
CVSS: -EPSS: 0%CPEs: 9EXPL: 0CVE-2022-49191 – mxser: fix xmit_buf leak in activate when LSR == 0xff
https://notcve.org/view.php?id=CVE-2022-49191
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: mxser: fix xmit_buf leak in activate when LSR == 0xff When LSR is 0xff in ->activate() (rather unlike), we return an error. Provided ->shutdown() is not called when ->activate() fails, nothing actually frees the buffer in this case. ... info->type" if now too. • https://git.kernel.org/stable/c/6769140d304731f0a3b177470a2adb4bacd9036b •