CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-26309
https://notcve.org/view.php?id=CVE-2025-26309
20 Feb 2025 — A memory leak has been identified in the parseSWF_DEFINESCENEANDFRAMEDATA function in util/parser.c of libming v0.4.8, which allows attackers to cause a denial of service via a crafted SWF file. • https://github.com/libming/libming/issues/327 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-54961
https://notcve.org/view.php?id=CVE-2024-54961
20 Feb 2025 — Nagios XI 2024R1.2.2 has an Information Disclosure vulnerability, which allows unauthenticated users to access multiple pages displaying the usernames and email addresses of all current users. • https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2024-54961 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1006 – Debian Security Advisory 5869-1
https://notcve.org/view.php?id=CVE-2025-1006
19 Feb 2025 — (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1426 – Debian Security Advisory 5869-1
https://notcve.org/view.php?id=CVE-2025-1426
19 Feb 2025 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0999 – Debian Security Advisory 5869-1
https://notcve.org/view.php?id=CVE-2025-0999
19 Feb 2025 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 4.4EPSS: 0%CPEs: 7EXPL: 0CVE-2025-20158 – Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-20158
19 Feb 2025 — A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. ... A successful exploit could allow the attacker to access sensitive information on the underlying operating system. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-info-disc-YyxsWStK • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-28780 – IBM Cognos Controller information disclosure
https://notcve.org/view.php?id=CVE-2024-28780
19 Feb 2025 — IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 Rich Client uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://www.ibm.com/support/pages/node/7183597 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-52902 – IBM Cognos Controller information disclosure
https://notcve.org/view.php?id=CVE-2024-52902
19 Feb 2025 — IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 client application contains hard coded database passwords in source code which could be used for unauthorized access to the system. • https://www.ibm.com/support/pages/node/7183597 • CWE-798: Use of Hard-coded Credentials •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-25946
https://notcve.org/view.php?id=CVE-2025-25946
19 Feb 2025 — An issue in Bento4 v1.6.0-641 allows an attacker to cause a memory leak via Ap4Marlin.cpp and Ap4Processor.cpp, specifically in AP4_MarlinIpmpEncryptingProcessor::Initialize and AP4_Processor::Process, during the execution of mp4encrypt with a specially crafted MP4 input file. • https://github.com/axiomatic-systems/Bento4/issues/994 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0981 – Session Hijacking via Stored Cross-Site Scripting (XSS) in ChurchCRM GroupEditor.php Description Field
https://notcve.org/view.php?id=CVE-2025-0981
18 Feb 2025 — It can also lead to information disclosure, as exposed session cookies can be used to impersonate users and gain unauthorised access to sensitive information. It can also lead to information disclosure, as exposed session cookies can be used to impersonate users and gain unauthorised access to sensitive information. It can also lead to information disclosure, as exposed session cookies can be used to impersonate users and gain unauthorised access to se... • https://github.com/ChurchCRM/CRM/issues/7245 • CWE-287: Improper Authentication •