CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2022-26083
https://notcve.org/view.php?id=CVE-2022-26083
14 Feb 2025 — Generation of weak initialization vector in an Intel(R) IPP Cryptography software library before version 2021.5 may allow an unauthenticated user to potentially enable information disclosure via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-00667.html • CWE-1204: Generation of Weak Initialization Vector (IV) •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12651 – Sensitive Data Exposure in PTT Inc.'
https://notcve.org/view.php?id=CVE-2024-12651
14 Feb 2025 — Exposed Dangerous Method or Function vulnerability in PTT Inc. HGS Mobile App allows Manipulating User-Controlled Variables.This issue affects HGS Mobile App: before 6.5.0. • https://www.usom.gov.tr/bildirim/tr-25-0034 • CWE-749: Exposed Dangerous Method or Function •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26758 – WordPress Spotlight Social Feeds plugin <= 1.7.1 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-26758
14 Feb 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RebelCode Spotlight Social Media Feeds allows Retrieve Embedded Sensitive Data. This issue affects Spotlight Social Media Feeds: from n/a through 1.7.1. The Spotlight Social Feeds – Block, Shortcode, and Widget plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.1. This makes it possible for unauthenticated attackers to extract sensitive user or configuration... • https://patchstack.com/database/wordpress/plugin/spotlight-social-photo-feeds/vulnerability/wordpress-spotlight-social-feeds-plugin-1-7-1-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0995 – Debian Security Advisory 5866-1
https://notcve.org/view.php?id=CVE-2025-0995
14 Feb 2025 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html • CWE-416: Use After Free •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0996 – Debian Security Advisory 5866-1
https://notcve.org/view.php?id=CVE-2025-0996
14 Feb 2025 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html • CWE-1007: Insufficient Visual Distinction of Homoglyphs Presented to User •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0997 – Debian Security Advisory 5866-1
https://notcve.org/view.php?id=CVE-2025-0997
14 Feb 2025 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html • CWE-416: Use After Free •
CVSS: 9.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-12011
https://notcve.org/view.php?id=CVE-2024-12011
13 Feb 2025 — The information disclosure can be triggered by leveraging a memory leak affecting the web server. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-12011 • CWE-126: Buffer Over-read •
CVSS: 8.0EPSS: 0%CPEs: -EXPL: 0CVE-2025-22961
https://notcve.org/view.php?id=CVE-2025-22961
13 Feb 2025 — A critical information disclosure vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters due to Incorrect Access Control (CWE-284). • https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-22961 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.6EPSS: 0%CPEs: -EXPL: 0CVE-2023-48366
https://notcve.org/view.php?id=CVE-2023-48366
12 Feb 2025 — Race condition in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable information disclosure via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01203.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 2.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-39271
https://notcve.org/view.php?id=CVE-2024-39271
12 Feb 2025 — Improper restriction of communication channel to intended endpoints in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software before version 23.80 may allow an unauthenticated user to potentially enable information disclosure via adjacent access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01224.html • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •