
CVSS: 9.3 • EPSS: 0% • CPEs: 1 • EXPL: 2

20 Jun 2025 — An information disclosure vulnerability exists in Aquatronica Controller System firmware versions <= 5.1.6 and web interface versions <= 2.0. • https://fortiguard.fortinet.com/encyclopedia/ips/56008 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 3.3 • EPSS: 0% • CPEs: 2 • EXPL: 0

20 Jun 2025 — A vulnerability has been identified in Keycloak that could lead to unauthorized information disclosure. While it requires an already authenticated user, the /admin/serverinfo endpoint can inadvertently provide sensitive environment information. • https://access.redhat.com/security/cve/CVE-2025-5416 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

20 Jun 2025 — A low privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, information disclosure, and information tampering. • https://www.dell.com/support/kbdoc/en-us/000326339/dsa-2025-208-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

20 Jun 2025 — Exposure of private personal information to an unauthorized actor in Dynamics 365 FastTrack Implementation Assets allows an unauthorized attacker to disclose information over a network. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49715 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •

CVSS: 6.2 • EPSS: 0% • CPEs: 1 • EXPL: 0

19 Jun 2025 — IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 stores potentially sensitive information in log files that could be read by a local user. • https://www.ibm.com/support/pages/node/7237317 • CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 4.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

19 Jun 2025 — A path traversal vulnerability in Brocade Fabric OS 9.1.0 through 9.2.2 could allow a local admin user to gain access to files outside the intended directory, potentially leading to the disclosure of sensitive information. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35814 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

19 Jun 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Metagauss ProfileGrid allows Retrieve Embedded Sensitive Data. ... The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 5.9.5.2. ... The information displayed is not useful on its own, and requires another vulnerability to be present for damage to an affected website. • https://patchstack.com/database/wordpress/plugin/profilegrid-user-profiles-groups-and-communities/vulnerability/wordpress-profilegrid-plugin-5-9-5-2-full-path-disclosure-fpd-vulnerability? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVSS: 4.0 • EPSS: 0% • CPEs: 2 • EXPL: 0

18 Jun 2025 — IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy. • https://www.ibm.com/support/pages/node/7237068 • CWE-525: Use of Web Browser Cache Containing Sensitive Information

CVSS: 7.1 • EPSS: 0% • CPEs: 7 • EXPL: 0

18 Jun 2025 —
----------
#include <fcntl.h>      /* open, O_RDONLY */
#include <unistd.h>     /* read */
#include <sys/ioctl.h>  /* ioctl */
#include <linux/fb.h>   /* struct fb_var_screeninfo, FBIOGET_VSCREENINFO, FBIOPUT_VSCREENINFO */

int main(int argc, char *argv[])
{
	struct fb_var_screeninfo var = { };
	const int fb_fd = open("/dev/fb0", 3);
	ioctl(fb_fd, FBIOGET_VSCREENINFO, &var);
	var.yres = 0x21;
	ioctl(fb_fd, FBIOPUT_VSCREENINFO, &var);
	return read(open("/dev/vcsu", O_RDONLY), &var, sizeof(var)) == -1;
}
----------
In the Linux kernel, the following vulnerability has been resolved: tty: vt: initialize unicode screen buffer syzbot reports ker... • https://git.kernel.org/stable/c/e02fa87e572bb7d90dcdbce9c0f519f1eb992e96 •

CVSS: 7.1 • EPSS: 0% • CPEs: 8 • EXPL: 0

18 Jun 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() The simple_write_to_buffer() function will succeed if even a single byte is initialized. However, we need to initialize the whole buffe... • https://git.kernel.org/stable/c/ff974e4083341383d3dd4079e52ed30f57f376f0 •