CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25023 – IBM Security Guardium information disclosure
https://notcve.org/view.php?id=CVE-2025-25023
09 Apr 2025 — IBM Security Guardium 11.4 and 12.1 could allow a privileged user to read any file on the system due to incorrect privilege assignment. • https://www.ibm.com/support/pages/node/7230467 • CWE-266: Incorrect Privilege Assignment •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-27934
https://notcve.org/view.php?id=CVE-2025-27934
09 Apr 2025 — Information disclosure of authentication information in the specific service vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. • https://jvn.jp/en/vu/JVNVU93925742 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3442 – Information Disclosure Vulnerability in TP-Link Tapo IoT Smart Hub
https://notcve.org/view.php?id=CVE-2025-3442
09 Apr 2025 — An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device. ... An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the Wi-Fi credentials stored on the vulnerable device. • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0072 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-30678 – Trend Micro Apex Central modTMSM Server-Side Request Forgery Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-30678
09 Apr 2025 — An attacker can leverage this vulnerability to disclose sensitive data, leading to further compromise. •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-30679 – Trend Micro Apex Central modOSCE Server-Side Request Forgery Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-30679
09 Apr 2025 — An attacker can leverage this vulnerability to disclose sensitive data, leading to further compromise. •
CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0CVE-2025-30680 – Trend Micro Apex Central Query Server-Side Request Forgery Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-30680
09 Apr 2025 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the Query method. The issue results from the lack of proper validation of a URI prior to accessing resources. An attacker can leverage this vulnerability to disclose information in the context of the service account. •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-3480 – MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-3480
09 Apr 2025 — This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of MedDream WEB DICOM Viewer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Web Portal. The issue results from the lack of encryption when transmitting credentials. An attacker can leverage this vulnerability to disclose transmitted credentials, leading to further compromise. •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2025-29819 – Windows Admin Center in Azure Portal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29819
08 Apr 2025 — External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29819 • CWE-73: External Control of File Name or Path •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29805 – Outlook for Android Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29805
08 Apr 2025 — Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29805 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29808 – Windows Cryptographic Services Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-29808
08 Apr 2025 — Use of a cryptographic primitive with a risky implementation in Windows Cryptographic Services allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29808 • CWE-1240: Use of a Cryptographic Primitive with a Risky Implementation •