CVSS: 5.5EPSS: 0%CPEs: 21EXPL: 0CVE-2025-32722 – Windows Storage Port Driver Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-32722
10 Jun 2025 — Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32722 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0CVE-2025-32720 – Windows Storage Management Provider Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-32720
10 Jun 2025 — Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32720 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2025-32719 – Windows Storage Management Provider Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-32719
10 Jun 2025 — Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32719 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0CVE-2025-32715 – Remote Desktop Protocol Client Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-32715
10 Jun 2025 — Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32715 • CWE-125: Out-of-bounds Read •
CVSS: 9.0EPSS: 0%CPEs: -EXPL: 0CVE-2025-42982 – Information Disclosure in SAP GRC (AC Plugin)
https://notcve.org/view.php?id=CVE-2025-42982
10 Jun 2025 — SAP GRC allows a non-administrative user to access and initiate transaction which could allow them to modify or control the transmitted system credentials. This causes high impact on confidentiality, integrity and availability of the application. • https://me.sap.com/notes/3609271 • CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-31045 – WordPress elfsight Contact Form widget <= 2.3.1 - Sensitive Data Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2025-31045
09 Jun 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in elfsight elfsight Contact Form widget allows Retrieve Embedded Sensitive Data. This issue affects elfsight Contact Form widget: from n/a through 2.3.1. • https://patchstack.com/database/wordpress/plugin/elfsight-contact-form/vulnerability/wordpress-elfsight-contact-form-widget-2-3-1-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-48261 – WordPress MultiVendorX <= 4.2.22 - Sensitive Data Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2025-48261
09 Jun 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in MultiVendorX MultiVendorX allows Retrieve Embedded Sensitive Data. This issue affects MultiVendorX: from n/a through 4.2.22. • https://patchstack.com/database/wordpress/plugin/dc-woocommerce-multi-vendor/vulnerability/wordpress-multivendorx-4-2-22-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-45001
https://notcve.org/view.php?id=CVE-2025-45001
09 Jun 2025 — react-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. • https://gist.github.com/ch3tanbug/44aedff79dd5d2d6beadbffcd01e0de5 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27247 – Pasteboard has an improper preservation of permissions vulnerability
https://notcve.org/view.php?id=CVE-2025-27247
08 Jun 2025 — in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-06.md • CWE-281: Improper Preservation of Permissions •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27563 – security_access_token has an improper preservation of permissions vulnerability
https://notcve.org/view.php?id=CVE-2025-27563
08 Jun 2025 — in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-06.md • CWE-281: Improper Preservation of Permissions •