CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20207 – Cisco Secure Email Gateway, Cisco Secure Email and Web Appliance and Cisco Secure Web Appliance SNMP Polling Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-20207
05 Feb 2025 — A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain confidential information about the underlying operating system. This vulnerability exists because the appliances do not protect confidential information at rest in response to SNMP poll requests. An attacker could exploit this vulnerability by sending a crafted SNMP poll request to the a... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-snmp-inf-FqPvL8sX • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0858 – Certain Poly Devices – Path Traversal Vulnerability - Arbitrary File Access by Unauthorized User
https://notcve.org/view.php?id=CVE-2025-0858
05 Feb 2025 — The firmware flaw does not properly prevent path traversal and could lead to information disclosure. ... The firmware flaw does not properly prevent path traversal and could lead to information disclosure. • https://support.hp.com/us-en/document/ish_11926124-11926148-16/hpsbpy03996 • CWE-35: Path Traversal: '.../ •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-43187 – IBM Security Verify Access information disclosure
https://notcve.org/view.php?id=CVE-2024-43187
04 Feb 2025 — IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. • https://www.ibm.com/support/pages/node/7182386 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45658 – IBM Security Verify Access information disclosure
https://notcve.org/view.php?id=CVE-2024-45658
04 Feb 2025 — IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7182386 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0451 – Debian Security Advisory 5859-1
https://notcve.org/view.php?id=CVE-2025-0451
04 Feb 2025 — (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0445 – Debian Security Advisory 5859-1
https://notcve.org/view.php?id=CVE-2025-0445
04 Feb 2025 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0444 – Debian Security Advisory 5859-1
https://notcve.org/view.php?id=CVE-2025-0444
04 Feb 2025 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23060 – Sensitive Data Exposure Vulnerability in HPE Aruba Networking ClearPass Policy Manager (CPPM)
https://notcve.org/view.php?id=CVE-2025-23060
04 Feb 2025 — A vulnerability in HPE Aruba Networking ClearPass Policy Manager may, under certain circumstances, expose sensitive unencrypted information. Exploiting this vulnerability could allow an attacker to perform a man-in-the-middle attack, potentially granting unauthorized access to network resources as well as enabling data tampering. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04784en_us&docLocale=en_US • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23059 – Sensitive Information Disclosure in HPE Aruba Networking ClearPass Policy Manager
https://notcve.org/view.php?id=CVE-2025-23059
04 Feb 2025 — A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager exposes directories containing sensitive information. If exploited successfully, this vulnerability allows an authenticated remote attacker with high privileges to access and retrieve sensitive data, potentially compromising the integrity and security of the entire system. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04784en_us&docLocale=en_US • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45659 – IBM Security Verify Access information disclosure
https://notcve.org/view.php?id=CVE-2024-45659
04 Feb 2025 — IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7182386 • CWE-209: Generation of Error Message Containing Sensitive Information •