CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26758 – WordPress Spotlight Social Feeds plugin <= 1.7.1 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-26758
14 Feb 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RebelCode Spotlight Social Media Feeds allows Retrieve Embedded Sensitive Data. ... The Spotlight Social Feeds – Block, Shortcode, and Widget plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.1. • https://patchstack.com/database/wordpress/plugin/spotlight-social-photo-feeds/vulnerability/wordpress-spotlight-social-feeds-plugin-1-7-1-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 9.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-12011
https://notcve.org/view.php?id=CVE-2024-12011
13 Feb 2025 — The information disclosure can be triggered by leveraging a memory leak affecting the web server. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-12011 • CWE-126: Buffer Over-read •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-22961
https://notcve.org/view.php?id=CVE-2025-22961
13 Feb 2025 — A critical information disclosure vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters due to Incorrect Access Control (CWE-284). • https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-22961 •
CVSS: 5.6EPSS: 0%CPEs: -EXPL: 0CVE-2023-48366
https://notcve.org/view.php?id=CVE-2023-48366
12 Feb 2025 — Race condition in some Intel(R) System Security Report and System Resources Defense firmware may allow a privileged user to potentially enable information disclosure via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01203.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 2.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-39271
https://notcve.org/view.php?id=CVE-2024-39271
12 Feb 2025 — Improper restriction of communication channel to intended endpoints in some Intel(R) PROSet/Wireless WiFi and Killerâ„¢ WiFi software before version 23.80 may allow an unauthenticated user to potentially enable information disclosure via adjacent access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01224.html • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-28047
https://notcve.org/view.php?id=CVE-2024-28047
12 Feb 2025 — Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-31157
https://notcve.org/view.php?id=CVE-2024-31157
12 Feb 2025 — Improper initialization in UEFI firmware OutOfBandXML module in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01139.html • CWE-665: Improper Initialization •
CVSS: 4.6EPSS: 0%CPEs: -EXPL: 0CVE-2024-26021
https://notcve.org/view.php?id=CVE-2024-26021
12 Feb 2025 — Improper initialization in the firmware for some Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01152.html • CWE-665: Improper Initialization •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-21859
https://notcve.org/view.php?id=CVE-2024-21859
12 Feb 2025 — Improper buffer restrictions in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01198.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-39286
https://notcve.org/view.php?id=CVE-2024-39286
12 Feb 2025 — Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable information disclosure via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01236.html • CWE-279: Incorrect Execution-Assigned Permissions •