CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-31686 – Open Social - Less critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-015
https://notcve.org/view.php?id=CVE-2025-31686
31 Mar 2025 — Missing Authorization vulnerability in Drupal Open Social allows Forceful Browsing.This issue affects Open Social: from 0.0.0 before 12.3.11, from 12.4.0 before 12.4.10. • https://www.drupal.org/sa-contrib-2025-015 • CWE-862: Missing Authorization •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31678 – AI (Artificial Intelligence) - Moderately critical - Access bypass, Information Disclosure - SA-CONTRIB-2025-004
https://notcve.org/view.php?id=CVE-2025-31678
31 Mar 2025 — Missing Authorization vulnerability in Drupal AI (Artificial Intelligence) allows Forceful Browsing.This issue affects AI (Artificial Intelligence): from 0.0.0 before 1.0.3. • https://www.drupal.org/sa-contrib-2025-004 • CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 1%CPEs: -EXPL: 0CVE-2025-2071 – OS Command Injection Vulnerability in FAST LTA Silent Brick WebUI
https://notcve.org/view.php?id=CVE-2025-2071
31 Mar 2025 — Successful exploitation could allow attackers to execute arbitrary commands on the affected system, potentially resulting in unauthorized access, data leakage, or full system compromise. • https://www.fast-lta.de/de/fast/silent-bricks-software-2-63 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-31001 – WordPress GTM Kit plugin <= 2.3.1 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-31001
31 Mar 2025 — Debug Messages Revealing Unnecessary Information vulnerability in TLA Media GTM Kit allows Retrieve Embedded Sensitive Data. This issue affects GTM Kit: from n/a through 2.3.1. The GTM Kit – Google Tag Manager & GA4 integration plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.0. This makes it possible for unauthenticated attackers to extract sensitive user or configuration data. • https://patchstack.com/database/wordpress/plugin/gtm-kit/vulnerability/wordpress-gtm-kit-plugin-2-3-1-sensitive-data-exposure-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-1295: Debug Messages Revealing Unnecessary Information •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-55895 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-55895
29 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7185450 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51477 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-51477
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy. • https://www.ibm.com/support/pages/node/7185058 • CWE-203: Observable Discrepancy •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7577 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-7577
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of the product. • https://www.ibm.com/support/pages/node/7185020 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43186 – IBM InfoSphere Information Server information disclosure
https://notcve.org/view.php?id=CVE-2024-43186
28 Mar 2025 — IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions. • https://www.ibm.com/support/pages/node/7184980 • CWE-256: Plaintext Storage of a Password •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38272 – IBM Cloud Pak System information disclosure
https://notcve.org/view.php?id=CVE-2023-38272
27 Mar 2025 — IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 could allow a user with access to the network to obtain sensitive information from CLI arguments. • https://www.ibm.com/support/pages/node/7229212 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37405 – IBM Cloud Pak System information disclosure
https://notcve.org/view.php?id=CVE-2023-37405
27 Mar 2025 — IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 stores sensitive data in memory, that could be obtained by an unauthorized user. • https://www.ibm.com/support/pages/node/7229212 • CWE-311: Missing Encryption of Sensitive Data •