CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-27431 – Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server Java
https://notcve.org/view.php?id=CVE-2025-27431
11 Mar 2025 — This could enable an attacker to inject malicious payload that gets stored and executed when a user accesses the functionality, hence leading to information disclosure or unauthorized data modifications within the scope of victim�s browser. • https://me.sap.com/notes/3567246 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23185 – Information Disclosure in SAP Business Objects Business Intelligence Platform
https://notcve.org/view.php?id=CVE-2025-23185
11 Mar 2025 — Only an attacker with administrator level privileges has access to this disclosed information, and they could use it to craft further exploits. • https://me.sap.com/notes/3549494 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2025-0071 – Information Disclosure vulnerability in SAP Web Dispatcher and Internet Communication Manager
https://notcve.org/view.php?id=CVE-2025-0071
11 Mar 2025 — SAP Web Dispatcher and Internet Communication Manager allow an attacker with administrative privileges to enable debugging trace mode with a specific parameter value. This exposes unencrypted passwords in the logs, causing a high impact on the confidentiality of the application. There is no impact on integrity or availability. • https://me.sap.com/notes/3558132 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-26701
https://notcve.org/view.php?id=CVE-2025-26701
11 Mar 2025 — The default service account credentials can lead to SSH access, use of Sudo to root, and sensitive data exposure. • https://www.percona.com/blog/security-advisory-cve-affecting-percona-monitoring-and-management-pmm • CWE-1393: Use of Default Password •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2137 – Debian Security Advisory 5877-1
https://notcve.org/view.php?id=CVE-2025-2137
10 Mar 2025 — (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2136 – Debian Security Advisory 5877-1
https://notcve.org/view.php?id=CVE-2025-2136
10 Mar 2025 — (Chromium security severity: Medium) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2135 – Debian Security Advisory 5877-1
https://notcve.org/view.php?id=CVE-2025-2135
10 Mar 2025 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1920 – Debian Security Advisory 5877-1
https://notcve.org/view.php?id=CVE-2025-1920
10 Mar 2025 — (Chromium security severity: High) Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2024-54469
https://notcve.org/view.php?id=CVE-2024-54469
10 Mar 2025 — A local user may be able to leak sensitive user information. • https://support.apple.com/en-us/121234 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56187
https://notcve.org/view.php?id=CVE-2024-56187
10 Mar 2025 — This could lead to local information disclosure with System execution privileges needed. • https://source.android.com/security/bulletin/pixel/2025-03-01 • CWE-125: Out-of-bounds Read •