CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 0CVE-2025-2988 – IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure
https://notcve.org/view.php?id=CVE-2025-2988
19 Aug 2025 — IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7242391 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2025-38611 – vmci: Prevent the dispatching of uninitialized payloads
https://notcve.org/view.php?id=CVE-2025-38611
19 Aug 2025 — Before dispatching the datagram, and before setting the payload content, explicitly set the payload content to 0 to avoid data leakage caused by incomplete payload initialization. ... Before dispatching the datagram, and before setting the payload content, explicitly set the payload content to 0 to avoid data leakage caused by incomplete payload initialization. • https://git.kernel.org/stable/c/28d6692cd8fb2a900edba5e5983be4478756ef6f •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 1CVE-2025-9139 – Scada-LTS WatchListDwr.init.dwr information disclosure
https://notcve.org/view.php?id=CVE-2025-9139
19 Aug 2025 — Executing manipulation can lead to information disclosure. ... Durch die Manipulation mit unbekannten Daten kann eine information disclosure-Schwachstelle ausgenutzt werden. • https://vuldb.com/?id.320519 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-54118 – NamelessMC allows sensitive information disclosure in member list component
https://notcve.org/view.php?id=CVE-2025-54118
18 Aug 2025 — Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. • https://github.com/NamelessMC/Nameless/security/advisories/GHSA-cj37-8jqc-hv2w • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-33100 – IBM Concert Software information disclosure
https://notcve.org/view.php?id=CVE-2025-33100
18 Aug 2025 — IBM Concert Software 1.0.0 through 1.1.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. • https://www.ibm.com/support/pages/node/7242354 • CWE-798: Use of Hard-coded Credentials •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1759 – IBM Concert Software information disclosure
https://notcve.org/view.php?id=CVE-2025-1759
18 Aug 2025 — IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory. • https://www.ibm.com/support/pages/node/7242354 • CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection') •
CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49827 – IBM Concert Software information disclosure
https://notcve.org/view.php?id=CVE-2024-49827
18 Aug 2025 — IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing attackers to access sensitive information without proper filtering. • https://www.ibm.com/support/pages/node/7242354 • CWE-213: Exposure of Sensitive Information Due to Incompatible Policies •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-52619 – HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure
https://notcve.org/view.php?id=CVE-2025-52619
15 Aug 2025 — HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-7499 – BetterDocs <= 4.1.1 - Missing Authorization to Private And Password-Protected Posts Information Disclosure
https://notcve.org/view.php?id=CVE-2025-7499
15 Aug 2025 — The BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_response function in all versions up to and including 4.1.1. This makes it possible for unauthenticated attackers to retrieve passwords for password-protected documents as well as the metadata of private and draft documents. • https://www.wordfence.com/threat-intel/vulnerabilities/id/5231b741-4d02-45b5-b2aa-0d9d3536a416?source=cve • CWE-862: Missing Authorization •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-8091 – EventON Lite <= 2.4.6 - Authenticated (Contributor+) Information Disclosure
https://notcve.org/view.php?id=CVE-2025-8091
14 Aug 2025 — The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the add_single_eventon and add_eventon shortcodes due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft posts that they should not have access to. • https://www.wordfence.com/threat-intel/vulnerabilities/id/421fcee2-a05d-4486-837e-ddee3d73d737?source=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •