CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2025-33142 – IBM WebSphere Application Server information disclosure
https://notcve.org/view.php?id=CVE-2025-33142
14 Aug 2025 — IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections. • https://www.ibm.com/support/pages/node/7242172 • CWE-295: Improper Certificate Validation •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-55675 – Apache Superset: Incorrect datasource authorization on REST API
https://notcve.org/view.php?id=CVE-2025-55675
14 Aug 2025 — By iterating through the datasource_id in the URL, an attacker can enumerate and confirm the existence and names of protected datasources, leading to sensitive information disclosure. • https://lists.apache.org/thread/op681b4kbd7g84tfjf9omz0sxggbcv33 • CWE-285: Improper Authorization •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-54736 – WordPress Savoy Theme <= 3.0.8 - Sensitive Data Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2025-54736
14 Aug 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NordicMade Savoy allows Retrieve Embedded Sensitive Data. ... This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/theme/savoy/vulnerability/wordpress-savoy-theme-plugin-3-0-8-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-55710 – WordPress TaxoPress Plugin <= 3.37.2 - Sensitive Data Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2025-55710
14 Aug 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in Steve Burge TaxoPress allows Retrieve Embedded Sensitive Data. ... This makes it possible for authenticated attackers, with Subscriber-level access and above, to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/simple-tags/vulnerability/wordpress-taxopress-plugin-plugin-3-37-2-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-5477
https://notcve.org/view.php?id=CVE-2024-5477
13 Aug 2025 — A potential security vulnerability has been identified in the System BIOS for some HP PC products which may allow escalation of privilege, arbitrary code execution, denial of service, or information disclosure via a physical attack that requires specialized equipment and knowledge. • https://support.hp.com/us-en/document/ish_12878449-12878471-16/hpsbhf04043 • CWE-1256: Improper Restriction of Software Interfaces to Hardware Features •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23306
https://notcve.org/view.php?id=CVE-2025-23306
13 Aug 2025 — A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. ... A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. • https://nvd.nist.gov/vuln/detail/CVE-2025-23306 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23305
https://notcve.org/view.php?id=CVE-2025-23305
13 Aug 2025 — A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering. • https://nvd.nist.gov/vuln/detail/CVE-2025-23305 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-23298
https://notcve.org/view.php?id=CVE-2025-23298
13 Aug 2025 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. • https://nvd.nist.gov/vuln/detail/CVE-2025-23298 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-23296
https://notcve.org/view.php?id=CVE-2025-23296
13 Aug 2025 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. • https://nvd.nist.gov/vuln/detail/CVE-2025-23296 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23295
https://notcve.org/view.php?id=CVE-2025-23295
13 Aug 2025 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering. • https://nvd.nist.gov/vuln/detail/CVE-2025-23295 • CWE-94: Improper Control of Generation of Code ('Code Injection') •