CVSS: 5.3EPSS: 0%CPEs: 27EXPL: 0CVE-2025-20336 – Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-20336
03 Sep 2025 — A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability exists because the product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. ... A successful exploit could allow the attacker to access sensitive information... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-write-g3kcC5Df •
CVSS: 4.3EPSS: 0%CPEs: 20EXPL: 0CVE-2025-20270 – Cisco Evolved Programmable Network Manager Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-20270
03 Sep 2025 — A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system. ... A successful exploit could allow a low-privileged user to view sensitive configuration information on the affected system that should be restricted. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-info-dis-zhPPMfgz •
CVSS: 6.6EPSS: 0%CPEs: -EXPL: 0CVE-2025-58598 – WordPress Klarna Order Management for WooCommerce Plugin <= 1.9.8 - Sensitive Data Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2025-58598
03 Sep 2025 — Insertion of Sensitive Information Into Debugging Code vulnerability in Klarna Klarna Order Management for WooCommerce allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/klarna-order-management-for-woocommerce/vulnerability/wordpress-klarna-order-management-for-woocommerce-plugin-1-9-8-sensitive-data-exposure-vulnerability? • CWE-215: Insertion of Sensitive Information Into Debugging Code •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-53694 – Information Disclosure in ItemServices API
https://notcve.org/view.php?id=CVE-2025-53694
03 Sep 2025 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore Experience Manager (XM), Sitecore Experience Platform (XP).This issue affects Sitecore Experience Manager (XM): from 9.2 through 10.4; Experience Platform (XP): from 9.2 through 10.4. • https://labs.watchtowr.com/cache-me-if-you-can-sitecore-experience-platform-cache-poisoning-to-rce • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2025-9843 – Das Parking Management System 停车场管理系统 FindAll information disclosure
https://notcve.org/view.php?id=CVE-2025-9843
03 Sep 2025 — This manipulation causes information disclosure. ... Durch Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://vuldb.com/?id.322190 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 1CVE-2025-9842 – Das Parking Management System 停车场管理系统 Search information disclosure
https://notcve.org/view.php?id=CVE-2025-9842
03 Sep 2025 — The manipulation results in information disclosure. ... Durch das Manipulieren mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://vuldb.com/?id.322189 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22430
https://notcve.org/view.php?id=CVE-2025-22430
02 Sep 2025 — In isInSignificantPlace of multiple files, there is a possible way to access sensitive information due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/161eb6100d6f75f0a0df6da3d19da7fe842655c1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-22421
https://notcve.org/view.php?id=CVE-2025-22421
02 Sep 2025 — This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/3b0704fd381a1ea32591aba99be3a9e4e6830be2 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2024-49728
https://notcve.org/view.php?id=CVE-2024-49728
02 Sep 2025 — In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible cross user media disclosure due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/packages/modules/Bluetooth/+/4b65cbb339db4d3a7a9a6100cb2e7c9f1ece9271 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49722
https://notcve.org/view.php?id=CVE-2024-49722
02 Sep 2025 — This could lead to local information disclosure with no additional execution privileges needed. • https://android.googlesource.com/platform/frameworks/base/+/8cba0e8bcfc291977f33f14fba0bd2b7f7fe8f6c • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •