CVSS: 7.1EPSS: %CPEs: -EXPL: 0CVE-2025-30680 – Trend Micro Apex Central Query Server-Side Request Forgery Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-30680
09 Apr 2025 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the Query method. The issue results from the lack of proper validation of a URI prior to accessing resources. An attacker can leverage this vulnerability to disclose information in the context of the service account. •
CVSS: 5.3EPSS: %CPEs: -EXPL: 0CVE-2025-3480 – MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-3480
09 Apr 2025 — This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of MedDream WEB DICOM Viewer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Web Portal. The issue results from the lack of encryption when transmitting credentials. An attacker can leverage this vulnerability to disclose transmitted credentials, leading to further compromise. •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2025-29819 – Windows Admin Center in Azure Portal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29819
08 Apr 2025 — External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29819 • CWE-73: External Control of File Name or Path •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29805 – Outlook for Android Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29805
08 Apr 2025 — Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29805 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29808 – Windows Cryptographic Services Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29808
08 Apr 2025 — Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29808 • CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation •
CVSS: 6.8EPSS: 0%CPEs: 21EXPL: 0CVE-2025-27738 – Windows Resilient File System (ReFS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-27738
08 Apr 2025 — Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27738 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2025-27736 – Windows Power Dependency Coordinator Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-27736
08 Apr 2025 — Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27736 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-26676 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-26676
08 Apr 2025 — Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26676 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-26672 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-26672
08 Apr 2025 — Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26672 • CWE-126: Buffer Over-read •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26628 – Azure Local Cluster Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-26628
08 Apr 2025 — Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26628 • CWE-522: Insufficiently Protected Credentials •