CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30391 – Microsoft Dynamics Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-30391
30 Apr 2025 — Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30391 • CWE-20: Improper Input Validation •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23376
https://notcve.org/view.php?id=CVE-2025-23376
28 Apr 2025 — A high privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000311083/dsa-2025-062-security-update-for-dell-powerprotect-data-manager-multiple-security-vulnerabilities • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3978 – dazhouda lecms user_set.htm information disclosure
https://notcve.org/view.php?id=CVE-2025-3978
27 Apr 2025 — The manipulation leads to information disclosure. ... Durch Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/dtwin88/cve-md/blob/main/lecms%20V3.0.3/lecms_2.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3975 – ScriptAndTools eCommerce-website-in-PHP subscriber-csv.php information disclosure
https://notcve.org/view.php?id=CVE-2025-3975
27 Apr 2025 — The manipulation leads to information disclosure. ... Mittels dem Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://vuldb.com/?ctiid.306311 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2025-3966 – itwanger paicoding Browsing History home information disclosure
https://notcve.org/view.php?id=CVE-2025-3966
27 Apr 2025 — The manipulation leads to information disclosure. ... Durch das Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/uglory-gll/javasec/blob/main/paicoding.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46575 – ZTE GoldenDB Database product has an information disclosure vulnerability
https://notcve.org/view.php?id=CVE-2025-46575
27 Apr 2025 — There is an information disclosure vulnerability in the GoldenDB database product. • https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/4693390139849392205 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46574 – ZTE GoldenDB Database product has an input validation vulnerability
https://notcve.org/view.php?id=CVE-2025-46574
27 Apr 2025 — There is an information disclosure vulnerability in the GoldenDB database product. • https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/4693390139849392200 • CWE-20: Improper Input Validation •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2068
https://notcve.org/view.php?id=CVE-2025-2068
25 Apr 2025 — An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a crafted url is visited by a local user. • https://www.filez.com/securityPolicy/2.html?1744703100 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-32983
https://notcve.org/view.php?id=CVE-2025-32983
25 Apr 2025 — NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace. • https://www.netscout.com/securityadvisories • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 0CVE-2025-46421 – Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server
https://notcve.org/view.php?id=CVE-2025-46421
24 Apr 2025 — A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect. Tan Wei Chong discovered that libsoup incorrectly handled memory when parsing HTTP request headers. An attacker could possibly use this issue to send a maliciously crafted HTTP request to the server, causing a denial of service. • https://access.redhat.com/security/cve/CVE-2025-46421 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •