Page 3 of 12591 results (0.002 seconds)

CVSS: 5.5EPSS: 0%CPEs: 21EXPL: 0

10 Jun 2025 — Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32722 • CWE-284: Improper Access Control •

CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 0

10 Jun 2025 — Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32720 • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0

10 Jun 2025 — Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32719 • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 25EXPL: 0

10 Jun 2025 — Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-32715 • CWE-125: Out-of-bounds Read •

CVSS: 9.0EPSS: 0%CPEs: -EXPL: 0

10 Jun 2025 — SAP GRC allows a non-administrative user to access and initiate transaction which could allow them to modify or control the transmitted system credentials. This causes high impact on confidentiality, integrity and availability of the application. • https://me.sap.com/notes/3609271 • CWE-862: Missing Authorization •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

09 Jun 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in elfsight elfsight Contact Form widget allows Retrieve Embedded Sensitive Data. This issue affects elfsight Contact Form widget: from n/a through 2.3.1. • https://patchstack.com/database/wordpress/plugin/elfsight-contact-form/vulnerability/wordpress-elfsight-contact-form-widget-2-3-1-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

09 Jun 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in MultiVendorX MultiVendorX allows Retrieve Embedded Sensitive Data. This issue affects MultiVendorX: from n/a through 4.2.22. • https://patchstack.com/database/wordpress/plugin/dc-woocommerce-multi-vendor/vulnerability/wordpress-multivendorx-4-2-22-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

09 Jun 2025 — react-native-keys 0.7.11 is vulnerable to sensitive information disclosure (remote) as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. • https://gist.github.com/ch3tanbug/44aedff79dd5d2d6beadbffcd01e0de5 • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

08 Jun 2025 — in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-06.md • CWE-281: Improper Preservation of Permissions •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

08 Jun 2025 — in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission. • https://gitee.com/openharmony/security/blob/master/zh/security-disclosure/2025/2025-06.md • CWE-281: Improper Preservation of Permissions •