CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45674 – IBM Security Verify Bridge information disclosure
https://notcve.org/view.php?id=CVE-2024-45674
21 Feb 2025 — IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 stores potentially sensitive information in log files that could be read by a local user. • https://www.ibm.com/support/pages/node/7183801 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45673 – IBM Security Verify Bridge information disclosure
https://notcve.org/view.php?id=CVE-2024-45673
21 Feb 2025 — IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Security Verify Gateway for Windows Login 1.0.1 through 1.0.10, and IBM Security Verify Gateway for Radius 1.0.1 through 1.0.11 stores user credentials in configuration files which can be read by a local user. • https://www.ibm.com/support/pages/node/7183801 • CWE-260: Password in Configuration File •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-54961
https://notcve.org/view.php?id=CVE-2024-54961
20 Feb 2025 — Nagios XI 2024R1.2.2 has an Information Disclosure vulnerability, which allows unauthenticated users to access multiple pages displaying the usernames and email addresses of all current users. • https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2024-54961 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-37362 – Hitachi Vantara Pentaho Data Integration & Analytics - Insufficiently Protected Credentials
https://notcve.org/view.php?id=CVE-2024-37362
19 Feb 2025 — Products must not disclose sensitive information without cause. Disclosure of sensitive information can lead to further exploitation. • https://support.pentaho.com/hc/en-us/articles/34296552220941--Resolved-Hitachi-Vantara-Pentaho-Data-Integration-Analytics-Insufficiently-Protected-Credentials-Versions-before-10-2-0-0-and-9-3-0-8-including-8-3-x-Impacted-CVE-2024-37362 • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1006 – Debian Security Advisory 5869-1
https://notcve.org/view.php?id=CVE-2025-1006
19 Feb 2025 — (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1426 – Debian Security Advisory 5869-1
https://notcve.org/view.php?id=CVE-2025-1426
19 Feb 2025 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0999 – Debian Security Advisory 5869-1
https://notcve.org/view.php?id=CVE-2025-0999
19 Feb 2025 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2025-20158 – Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-20158
19 Feb 2025 — A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. ... A successful exploit could allow the attacker to access sensitive information on the underlying operating system. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-info-disc-YyxsWStK • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28780 – IBM Cognos Controller information disclosure
https://notcve.org/view.php?id=CVE-2024-28780
19 Feb 2025 — IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 Rich Client uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://www.ibm.com/support/pages/node/7183597 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-52902 – IBM Cognos Controller information disclosure
https://notcve.org/view.php?id=CVE-2024-52902
19 Feb 2025 — IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 client application contains hard coded database passwords in source code which could be used for unauthorized access to the system. • https://www.ibm.com/support/pages/node/7183597 • CWE-798: Use of Hard-coded Credentials •