CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-27474 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-27474
08 Apr 2025 — Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27474 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-26667 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-26667
08 Apr 2025 — Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26667 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2025-26669 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-26669
08 Apr 2025 — Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26669 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2025-26664 – Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-26664
08 Apr 2025 — Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26664 • CWE-126: Buffer Over-read •
CVSS: 2.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-32122
https://notcve.org/view.php?id=CVE-2024-32122
08 Apr 2025 — A storing passwords in a recoverable format in Fortinet FortiOS versions 7.2.0 through 7.2.1 allows attacker to information disclosure via modification of LDAP server IP to point to a malicious server. • https://fortiguard.fortinet.com/psirt/FG-IR-24-111 • CWE-257: Storing Passwords in a Recoverable Format •
CVSS: 4.2EPSS: 0%CPEs: -EXPL: 0CVE-2025-27435 – Information Disclosure Vulnerability in SAP Commerce Cloud
https://notcve.org/view.php?id=CVE-2025-27435
08 Apr 2025 — Under specific conditions and prerequisites, an unauthenticated attacker could access customer coupon codes exposed in the URL parameters of the Coupon Campaign URL in SAP Commerce. This could allow the attacker to use the disclosed coupon code, hence posing a low impact on confidentiality and integrity of the application. Bajo ciertas condiciones y requisitos previos, un atacante no autenticado podría acceder a los códigos de cupón de los clientes expuestos en los parámetros de la URL de la campaña de cupo... • https://me.sap.com/notes/3539465 • CWE-862: Missing Authorization •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-26657 – Information Disclosure vulnerability in SAP KMC WPC
https://notcve.org/view.php?id=CVE-2025-26657
08 Apr 2025 — SAP KMC WPC allows an unauthenticated attacker to remotely retrieve usernames by a simple parameter query which could expose sensitive information causing low impact on confidentiality of the application. This has no effect on integrity and availability. SAP KMC WPC permite que un atacante no autenticado obtenga nombres de usuario de forma remota mediante una simple consulta de parámetros, lo que podría exponer información confidencial, con un impacto mínimo en la confidencialidad de la aplicación. Esto no ... • https://me.sap.com/notes/3568307 • CWE-862: Missing Authorization •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-26654 – Potential information disclosure vulnerability in SAP Commerce Cloud (Public Cloud)
https://notcve.org/view.php?id=CVE-2025-26654
08 Apr 2025 — However, the confidentiality and integrity of data sent on the first request before the redirect may be impacted if the client is configured to use HTTP and sends confidential data on the first request before the redirect. • https://me.sap.com/notes/3543274 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-21431 – Time-of-check Time-of-use (TOCTOU) Race Condition in Automotive OS Platform
https://notcve.org/view.php?id=CVE-2025-21431
07 Apr 2025 — Information disclosure may be there when a guest VM is connected. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.5EPSS: 0%CPEs: 19EXPL: 0CVE-2024-45552 – Buffer Over-read in Data Network Stack & Connectivity
https://notcve.org/view.php?id=CVE-2024-45552
07 Apr 2025 — Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards. • https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2025-bulletin.html • CWE-126: Buffer Over-read •