CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22275
https://notcve.org/view.php?id=CVE-2025-22275
03 Jan 2025 — iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote attackers to obtain sensitive information from terminal commands by reading the /tmp/framer.txt file. • https://gitlab.com/gnachman/iterm2/-/wikis/SSH-Integration-Information-Leak • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56270 – WordPress WP SecureSubmit plugin <= 1.5.16 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-56270
03 Jan 2025 — The WP SecureSubmit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.5.16. • https://patchstack.com/database/wordpress/plugin/securesubmit/vulnerability/wordpress-wp-securesubmit-plugin-1-5-16-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56300 – WordPress Post/Page Copying Tool plugin <= 2.0.0 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2024-56300
03 Jan 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in WPSpins Post/Page Copying Tool allows Retrieve Embedded Sensitive Data.This issue affects Post/Page Copying Tool: from n/a through 2.0.0. ... The Post/Page Copying Tool to Export and Import post/page for Cross site Migration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.0. • https://patchstack.com/database/wordpress/plugin/postpage-import-export-with-custom-fields-taxonomies/vulnerability/wordpress-post-page-copying-tool-plugin-2-0-0-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49385
https://notcve.org/view.php?id=CVE-2024-49385
02 Jan 2025 — Sensitive information disclosure due to insecure folder permissions. • https://security-advisory.acronis.com/advisories/SEC-2397 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-55538
https://notcve.org/view.php?id=CVE-2024-55538
02 Jan 2025 — Sensitive information disclosure due to missing authentication. • https://security-advisory.acronis.com/advisories/SEC-2209 • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13110 – Beijing Yunfan Internet Technology Yunfan Learning Examination System Exam Answer PaperController.java, information disclosure
https://notcve.org/view.php?id=CVE-2024-13110
02 Jan 2025 — The manipulation leads to information disclosure. ... Durch Beeinflussen mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/qiutiandefeng/yfexam-exam/issues/5 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12105 – WhatsUp Gold - SnmpExtendedActiveMonitor path traversal
https://notcve.org/view.php?id=CVE-2024-12105
31 Dec 2024 — In WhatsUp Gold versions released before 2024.0.2, an authenticated user can use a specially crafted HTTP request that can lead to information disclosure. In WhatsUp Gold versions released before 2024.0.2, an authenticated user can use a specially crafted HTTP request that can lead to information disclosure. • https://www.progress.com/network-monitoring • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2024-13042 – Tsinghua Unigroup Electronic Archives Management System download.html download information disclosure
https://notcve.org/view.php?id=CVE-2024-13042
30 Dec 2024 — The manipulation of the argument path leads to information disclosure. ... The manipulation of the argument path leads to information disclosure. ... Durch Manipulation des Arguments path mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://github.com/BxYQ/zg_fileread • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2024-12984 – Amcrest IP2M-841B Web Interface webCapsConfig information disclosure
https://notcve.org/view.php?id=CVE-2024-12984
27 Dec 2024 — The manipulation leads to information disclosure. ... The vendor was contacted early about this disclosure but did not respond in any way. ... Dank der Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://netsecfish.notion.site/AMCREST-IP-Camera-Information-Disclosure-1596b683e67c8045ad10c16b3eed456f? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2020-9089
https://notcve.org/view.php?id=CVE-2020-9089
27 Dec 2024 — There is an information vulnerability in Huawei smartphones. ... Attackers with user access can exploit this vulnerability to obtain some information. This can lead to information leak. • https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200826-09-smartphone-en • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •