CVSS: 7.8EPSS: %CPEs: 1EXPL: 0CVE-2025-6797 – Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6797
27 Jun 2025 — Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. An attacker c... • https://www.zerodayinitiative.com/advisories/ZDI-25-456 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: %CPEs: 1EXPL: 0CVE-2025-6799 – Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6799
27 Jun 2025 — Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. An attacker c... • https://www.zerodayinitiative.com/advisories/ZDI-25-458 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: %CPEs: 1EXPL: 0CVE-2025-6800 – Marvell QConvergeConsole restoreESwitchConfig Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6800
27 Jun 2025 — Marvell QConvergeConsole restoreESwitchConfig Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. An attacker... • https://www.zerodayinitiative.com/advisories/ZDI-25-459 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: %CPEs: 1EXPL: 0CVE-2025-6803 – Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6803
27 Jun 2025 — Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. An attacker ... • https://www.zerodayinitiative.com/advisories/ZDI-25-452 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: %CPEs: 1EXPL: 0CVE-2025-6804 – Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6804
27 Jun 2025 — Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. An att... • https://www.zerodayinitiative.com/advisories/ZDI-25-453 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: %CPEs: 1EXPL: 0CVE-2025-6807 – Marvell QConvergeConsole getDriverTmpPath Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6807
27 Jun 2025 — Marvell QConvergeConsole getDriverTmpPath Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. An attacker can... • https://www.zerodayinitiative.com/advisories/ZDI-25-463 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36034 – IBM InfoSphere DataStage Flow Designer information disclosure
https://notcve.org/view.php?id=CVE-2025-36034
26 Jun 2025 — IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses sensitive user information in API requests in clear text that could be intercepted using man in the middle techniques. • https://www.ibm.com/support/pages/node/7237604 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3722
https://notcve.org/view.php?id=CVE-2025-3722
26 Jun 2025 — A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and exposing sensitive information disclosure. • https://thrive.trellix.com/s/article/000014635 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-6678 – Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6678
25 Jun 2025 — Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autel MaxiCharger AC Wallbox Commercial charging stations. • https://www.zerodayinitiative.com/advisories/ZDI-25-342 • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-41647 – Lenze: Plaintext Password Disclosure in PLC Designer V4 Interface
https://notcve.org/view.php?id=CVE-2025-41647
25 Jun 2025 — A local, low-privileged attacker can learn the password of the connected controller in PLC Designer V4 due to an incorrect implementation that results in the password being displayed in plain text under special conditions. • https://certvde.com/en/advisories/VDE-2025-043 • CWE-312: Cleartext Storage of Sensitive Information •