
CVSS: 4.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

13 Mar 2025 — The Omnipress plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.5.4 via the megamenu block due to insufficient restrictions on which posts can be included. • https://plugins.trac.wordpress.org/changeset/3254484/omnipress/trunk/includes/Blocks/BlockTypes/Megamenu.php • CWE-639: Authorization Bypass Through User-Controlled Key •

CVSS: 6.0 • EPSS: 0% • CPEs: - • EXPL: 0

12 Mar 2025 — CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure of FTP server credentials when the FTP server is deployed, and the device is placed in debug mode by an administrative user and the debug files are exported from the device. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-070-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-070-01.pdf • CWE-532: Insertion of Sensitive Information into Log File

CVSS: 5.3 • EPSS: 0% • CPEs: - • EXPL: 0

12 Mar 2025 — Generation of Error Message Containing Sensitive Information vulnerability in Hillstone Networks Hillstone Next Generation FireWall. This issue affects Hillstone Next Generation FireWall: from 5.5R8P1 before 5.5R8P23. • https://www.hillstonenet.com.cn/security-notification/2025/02/17/stoneosjd • CWE-209: Generation of Error Message Containing Sensitive Information

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

11 Mar 2025 — A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, denial of service, or information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5625 • CWE-284: Improper Access Control •

CVSS: 5.5 • EPSS: 0% • CPEs: 26 • EXPL: 0

11 Mar 2025 — Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24992 • CWE-126: Buffer Over-read •

CVSS: 4.9 • EPSS: 19% • CPEs: 21 • EXPL: 0

11 Mar 2025 — Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive information into log file vulnerability that allows an unauthorized attacker to disclose information with a physical attack. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24984 • CWE-532: Insertion of Sensitive Information into Log File

CVSS: 4.6 • EPSS: 0% • CPEs: 26 • EXPL: 0

11 Mar 2025 — Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24055 • CWE-125: Out-of-bounds Read •

CVSS: 6.8 • EPSS: 0% • CPEs: 6 • EXPL: 0

11 Mar 2025 — This vulnerability exists in the Tinxy smart devices due to storage of credentials in plaintext within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the plaintext credentials stored on the vulnerable device. • https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0043 • CWE-312: Cleartext Storage of Sensitive Information

CVSS: 6.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

11 Mar 2025 — IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to obtain sensitive information during the creation of ECDSA signatures to perform a timing-based attack. • https://www.ibm.com/support/pages/node/7185282 • CWE-208: Observable Timing Discrepancy •

CVSS: 3.7 • EPSS: 0% • CPEs: 2 • EXPL: 0

11 Mar 2025 — IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an attacker to obtain sensitive information due to a timing attack during certain RSA operations. • https://www.ibm.com/support/pages/node/7185282 • CWE-203: Observable Discrepancy •