CVSS: 6.5EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21272 – Windows COM Server Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-21272
14 Jan 2025 — Windows COM Server Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21272 • CWE-908: Use of Uninitialized Resource •
CVSS: 5.5EPSS: 0%CPEs: 16EXPL: 0CVE-2025-21257 – Windows WLAN AutoConfig Service Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-21257
14 Jan 2025 — Windows WLAN AutoConfig Service Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21257 • CWE-125: Out-of-bounds Read •
CVSS: 5.9EPSS: 0%CPEs: 23EXPL: 0CVE-2025-21242 – Windows Kerberos Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-21242
14 Jan 2025 — Windows Kerberos Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21242 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.2EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21214 – Windows BitLocker Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-21214
14 Jan 2025 — Windows BitLocker Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21214 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.2EPSS: 0%CPEs: 26EXPL: 0CVE-2025-21210 – Windows BitLocker Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-21210
14 Jan 2025 — Windows BitLocker Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21210 • CWE-636: Not Failing Securely ('Failing Open') •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2024-12085 – Rsync: info leak via uninitialized stack contents
https://notcve.org/view.php?id=CVE-2024-12085
14 Jan 2025 — An attacker could exploit this issue to leak sensitive information. • https://access.redhat.com/security/cve/CVE-2024-12085 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13164 – Ivanti Endpoint Manager AlertService Uninitialized Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-13164
14 Jan 2025 — This vulnerability allows local attackers to disclose sensitive information on affected installations of Ivanti Endpoint Manager. • https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13169 – Ivanti Endpoint Manager AlertService Type Confusion Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-13169
14 Jan 2025 — This vulnerability allows local attackers to disclose sensitive information on affected installations of Ivanti Endpoint Manager. • https://forums.ivanti.com/s/article/Security-Advisory-EPM-January-2025-for-EPM-2024-and-EPM-2022-SU6 • CWE-125: Out-of-bounds Read CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13180 – Ivanti Avalanche Faces ResourceManager Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-13180
14 Jan 2025 — Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information. ... This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-7-Multiple-CVEs • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52898 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2024-52898
14 Jan 2025 — IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD web console could allow a local user to obtain sensitive information when a detailed technical error message is returned. • https://www.ibm.com/support/pages/node/7179150 • CWE-209: Generation of Error Message Containing Sensitive Information •