CVSS: 3.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-39286
https://notcve.org/view.php?id=CVE-2024-39286
12 Feb 2025 — Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable information disclosure via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01236.html • CWE-279: Incorrect Execution-Assigned Permissions •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2023-32277
https://notcve.org/view.php?id=CVE-2023-32277
12 Feb 2025 — Untrusted Pointer Dereference in I/O subsystem for some Intel(R) QAT software before version 2.0.5 may allow authenticated user to potentially enable information disclosure via local operating system access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01124.html • CWE-822: Untrusted Pointer Dereference •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25205 – Remote Authentication-Bypass can lead to server crash or limited information disclosure due to faulty pattern matching
https://notcve.org/view.php?id=CVE-2025-25205
12 Feb 2025 — This could lead to information disclosure of otherwise protected data and, in some cases, a complete denial of service (server crash) if downstream code expects an authenticated user object. • https://github.com/advplyr/audiobookshelf/blob/1a3d70d04100924d41391acb55bd8ddca486a4fa/server/Auth.js#L17-L41 • CWE-202: Exposure of Sensitive Information Through Data Queries CWE-287: Improper Authentication CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6097 – Absolute Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2024-6097
12 Feb 2025 — In Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability. • https://docs.telerik.com/reporting/knowledge-base/kb-security-absolute-path-traversal-CVE-2024-6097 • CWE-36: Absolute Path Traversal •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2025-1212 – Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab
https://notcve.org/view.php?id=CVE-2025-1212
12 Feb 2025 — An information disclosure vulnerability in GitLab CE/EE affecting all versions from 8.3 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send a crafted request to a backend server to reveal sensitive information. • https://gitlab.com/gitlab-org/gitlab/-/issues/502196 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 3.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23563 – HCL Connections Docs is vulnerable to a sensitive information disclosure
https://notcve.org/view.php?id=CVE-2024-23563
12 Feb 2025 — HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119097 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-29171
https://notcve.org/view.php?id=CVE-2024-29171
12 Feb 2025 — A remote attacker could potentially exploit this vulnerability, leading to information disclosure. ... A remote attacker could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000226620/dsa-2024-221-security-update-for-dell-bsafe-ssl-j-multiple-vulnerabilities • CWE-295: Improper Certificate Validation •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23359 – NVIDIA Container Toolkit mount_files Time-Of-Check Time-Of-Use Race Condition Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-23359
12 Feb 2025 — A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5616 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22633 – WordPress Give – Divi Donation Modules plugin <= 2.0.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-22633
12 Feb 2025 — Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Matt Cromwell Give – Divi Donation Modules allows Retrieve Embedded Sensitive Data. ... The Give – Divi Donation Modules plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.0. • https://patchstack.com/database/wordpress/plugin/give-donation-modules-for-divi/vulnerability/wordpress-give-divi-donation-modules-plugin-2-0-0-sensitive-data-exposure-vulnerability? • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0112
https://notcve.org/view.php?id=CVE-2024-0112
11 Feb 2025 — A successful exploit of this vulnerability might lead to code execution, denial of service, data corruption, information disclosure, or escalation of privilege. • https://nvidia.custhelp.com/app/answers/detail/a_id/5611 • CWE-20: Improper Input Validation •