CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2023-32277
https://notcve.org/view.php?id=CVE-2023-32277
12 Feb 2025 — Untrusted Pointer Dereference in I/O subsystem for some Intel(R) QAT software before version 2.0.5 may allow authenticated user to potentially enable information disclosure via local operating system access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01124.html • CWE-822: Untrusted Pointer Dereference •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25205 – Remote Authentication-Bypass can lead to server crash or limited information disclosure due to faulty pattern matching
https://notcve.org/view.php?id=CVE-2025-25205
12 Feb 2025 — This could lead to information disclosure of otherwise protected data and, in some cases, a complete denial of service (server crash) if downstream code expects an authenticated user object. • https://github.com/advplyr/audiobookshelf/blob/1a3d70d04100924d41391acb55bd8ddca486a4fa/server/Auth.js#L17-L41 • CWE-202: Exposure of Sensitive Information Through Data Queries CWE-287: Improper Authentication CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6097 – Absolute Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2024-6097
12 Feb 2025 — In Progress® Telerik® Reporting versions prior to 2025 Q1 (19.0.25.211), information disclosure is possible by a local threat actor through an absolute path vulnerability. • https://docs.telerik.com/reporting/knowledge-base/kb-security-absolute-path-traversal-CVE-2024-6097 • CWE-36: Absolute Path Traversal •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2025-1212 – Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab
https://notcve.org/view.php?id=CVE-2025-1212
12 Feb 2025 — An information disclosure vulnerability in GitLab CE/EE affecting all versions from 8.3 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send a crafted request to a backend server to reveal sensitive information. • https://gitlab.com/gitlab-org/gitlab/-/issues/502196 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 3.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23563 – HCL Connections Docs is vulnerable to a sensitive information disclosure
https://notcve.org/view.php?id=CVE-2024-23563
12 Feb 2025 — HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119097 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-29171
https://notcve.org/view.php?id=CVE-2024-29171
12 Feb 2025 — A remote attacker could potentially exploit this vulnerability, leading to information disclosure. ... A remote attacker could potentially exploit this vulnerability, leading to information disclosure. • https://www.dell.com/support/kbdoc/en-us/000226620/dsa-2024-221-security-update-for-dell-bsafe-ssl-j-multiple-vulnerabilities • CWE-295: Improper Certificate Validation •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2025-23359
https://notcve.org/view.php?id=CVE-2025-23359
12 Feb 2025 — A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5616 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0112
https://notcve.org/view.php?id=CVE-2024-0112
11 Feb 2025 — A successful exploit of this vulnerability might lead to code execution, denial of service, data corruption, information disclosure, or escalation of privilege. • https://nvidia.custhelp.com/app/answers/detail/a_id/5611 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-32037 – GeoNetwork vulnerable to search end-point information disclosure in response headers
https://notcve.org/view.php?id=CVE-2024-32037
11 Feb 2025 — In versions prior to 4.2.10 and 4.4.5, the search end-point response headers contain information about Elasticsearch software in use. This information is valuable from a security point of view because it allows software used by the server to be easily identified. • https://docs.geonetwork-opensource.org/4.4/api/search • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-21383 – Microsoft Excel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-21383
11 Feb 2025 — Microsoft Excel Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21383 • CWE-125: Out-of-bounds Read •