CVSS: 2.4EPSS: 0%CPEs: -EXPL: 0CVE-2025-11634 – Tomofun Furbo 360/Furbo Mini UART information disclosure
https://notcve.org/view.php?id=CVE-2025-11634
12 Oct 2025 — The manipulation results in information disclosure. ... Die Manipulation führt zu information disclosure. • https://vuldb.com/?ctiid.328045 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-9549 – Facets - Moderately critical - Information Disclosure - SA-CONTRIB-2025-099
https://notcve.org/view.php?id=CVE-2025-9549
10 Oct 2025 — Missing Authorization vulnerability in Drupal Facets allows Forceful Browsing.This issue affects Facets: from 0.0.0 before 2.0.10, from 3.0.0 before 3.0.1. • https://www.drupal.org/sa-contrib-2025-099 • CWE-862: Missing Authorization •
CVSS: 7.0EPSS: 0%CPEs: 17EXPL: 0CVE-2025-23282
https://notcve.org/view.php?id=CVE-2025-23282
10 Oct 2025 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. • https://nvd.nist.gov/vuln/detail/CVE-2025-23282 • CWE-415: Double Free •
CVSS: 7.0EPSS: 0%CPEs: 13EXPL: 0CVE-2025-23280
https://notcve.org/view.php?id=CVE-2025-23280
10 Oct 2025 — A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. • https://nvd.nist.gov/vuln/detail/CVE-2025-23280 • CWE-416: Use After Free •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-61780 – Rack has Possible Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-61780
10 Oct 2025 — Prior to versions 2.2.20, 3.1.18, and 3.2.3, a possible information disclosure vulnerability existed in `Rack::Sendfile` when running behind a proxy that supports `x-sendfile` headers (such as Nginx). • https://github.com/rack/rack/commit/57277b7741581fa827472c5c666f6e6a33abd784 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-441: Unintended Proxy or Intermediary ('Confused Deputy') CWE-913: Improper Control of Dynamically-Managed Code Resources •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2025-61864
https://notcve.org/view.php?id=CVE-2025-61864
10 Oct 2025 — Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. • https://jvn.jp/en/vu/JVNVU90008453 • CWE-416: Use After Free •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2025-61863
https://notcve.org/view.php?id=CVE-2025-61863
10 Oct 2025 — Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. • https://jvn.jp/en/vu/JVNVU90008453 • CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2025-61862
https://notcve.org/view.php?id=CVE-2025-61862
10 Oct 2025 — Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. • https://jvn.jp/en/vu/JVNVU90008453 • CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2025-61861
https://notcve.org/view.php?id=CVE-2025-61861
10 Oct 2025 — Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. • https://jvn.jp/en/vu/JVNVU90008453 • CWE-125: Out-of-bounds Read •
CVSS: 8.4EPSS: 0%CPEs: -EXPL: 0CVE-2025-61860
https://notcve.org/view.php?id=CVE-2025-61860
10 Oct 2025 — Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. • https://jvn.jp/en/vu/JVNVU90008453 • CWE-125: Out-of-bounds Read •