CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-24210 – Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24210
31 Mar 2025 — A logic error was addressed with improved error handling. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iPadOS 17.7.6, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. Parsing an image may lead to disclosure of user information. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malici... • https://support.apple.com/en-us/122371 • CWE-783: Operator Precedence Logic Error •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24256 – Apple macOS AppleIntelKBLGraphics Time-Of-Check Time-Of-Use Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-24256
31 Mar 2025 — The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to disclose kernel memory. This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphics kext. he issue re... • https://support.apple.com/en-us/122373 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-31686 – Open Social - Less critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-015
https://notcve.org/view.php?id=CVE-2025-31686
31 Mar 2025 — Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10. • https://www.drupal.org/sa-contrib-2025-015 • CWE-862: Missing Authorization •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31678 – AI (Artificial Intelligence) - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-004
https://notcve.org/view.php?id=CVE-2025-31678
31 Mar 2025 — Missing Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Forceful Browsing.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.3. • https://www.drupal.org/sa-contrib-2025-004 • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: -EXPL: 0CVE-2025-2071 – OS Command Injection Vulnerability in FAST LTA Silent Brick WebUI
https://notcve.org/view.php?id=CVE-2025-2071
31 Mar 2025 — Successful exploitation could allow attackers to execute arbitrary commands on the affected system, potentially resulting in unauthorized access, data leakage, or full system compromise. • https://www.fast-lta.de/de/fast/silent-bricks-software-2-63 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-55895 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-55895
29 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7185450 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51477 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-51477
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy. • https://www.ibm.com/support/pages/node/7185058 • CWE-203: Observable Discrepancy •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7577 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-7577
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product. • https://www.ibm.com/support/pages/node/7185020 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43186 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-43186
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions. • https://www.ibm.com/support/pages/node/7184980 • CWE-256: Plaintext Storage of a Password •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38272 – IBM Cloud Pak System information disclosure
https://notcve.org/view.php?id=CVE-2023-38272
27 Mar 2025 — IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 could allow a user with access to the network to obtain sensitive information from CLI arguments. • https://www.ibm.com/support/pages/node/7229212 • CWE-300: Channel Accessible by Non-Endpoint •