CVSS: 9.4EPSS: 0%CPEs: 72EXPL: 0CVE-2025-3755 – Information Disclosure and Denial-of-Service(DoS) Vulnerability in MELSEC iQ-F Series CPU module
https://notcve.org/view.php?id=CVE-2025-3755
29 May 2025 — Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series CPU modules allows a remote unauthenticated attacker to read information in the product, to cause a Denial-of-Service (DoS) condition in MELSOFT connection, or to stop the operation of the CPU module (causing a DoS condtion on the CPU module), by sending specially crafted packets. • https://jvn.jp/vu/JVNVU94070048 • CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input •
CVSS: 4.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46722 – vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
https://notcve.org/view.php?id=CVE-2025-46722
28 May 2025 — This may lead to hash collisions, incorrect cache hits, and even data leakage or security risks. • https://github.com/vllm-project/vllm/commit/99404f53c72965b41558aceb1bc2380875f5d848 • CWE-1023: Incomplete Comparison with Missing Factors CWE-1288: Improper Validation of Consistency within Input •
CVSS: 5.1EPSS: 0%CPEs: 3EXPL: 0CVE-2024-47056 – Mautic does not shield .env files from web traffic
https://notcve.org/view.php?id=CVE-2024-47056
28 May 2025 — This exposure could lead to the disclosure of sensitive information, including database credentials, API keys, and other critical system configurations. This exposure could lead to the disclosure of sensitive information, including database credentials, API keys, and other critical system configurations. Sensitive Information Disclosure via .env File Exposure: The .env file, which typically contains environment variables and sensitive application configurations, is directly acces... • https://github.com/mautic/mautic/security/advisories/GHSA-h2wg-v8wg-jhxh • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-5257 – Predictable Page Indexing Might Lead to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2025-5257
28 May 2025 — This could lead to the unintended disclosure of draft content or sensitive information. ... This could lead to the unintended disclosure of draft content or sensitive information. • https://github.com/mautic/mautic/security/advisories/GHSA-cqx4-9vqf-q3m8 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38341 – IBM Sterling Secure Proxy information disclosure
https://notcve.org/view.php?id=CVE-2024-38341
28 May 2025 — IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6.2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://www.ibm.com/support/pages/node/7234888 • CWE-328: Use of Weak Hash •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25029 – IBM Security Guardium information disclosure
https://notcve.org/view.php?id=CVE-2025-25029
28 May 2025 — IBM Security Guardium 12.0 could allow a privileged user to download any file on the system due to improper escaping of input. • https://www.ibm.com/support/pages/node/7234827 • CWE-116: Improper Encoding or Escaping of Output •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25026 – IBM Security Guardium information disclosure
https://notcve.org/view.php?id=CVE-2025-25026
28 May 2025 — IBM Security Guardium 12.0 could allow an authenticated user to obtain sensitive information due to an incorrect authentication check. • https://www.ibm.com/support/pages/node/7234827 • CWE-863: Incorrect Authorization •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25025 – IBM Security Guardium information disclosure
https://notcve.org/view.php?id=CVE-2025-25025
28 May 2025 — IBM Security Guardium 12.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7234827 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27701
https://notcve.org/view.php?id=CVE-2025-27701
27 May 2025 — Later this values will be derefenced without prior NULL check, which can lead to local Temporary DoS or OOB Read, leading to information disclosure. • https://source.android.com/security/bulletin/pixel/2025-05-01 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56193
https://notcve.org/view.php?id=CVE-2024-56193
27 May 2025 — This could lead to local information disclosure with no additional execution privileges needed. • https://source.android.com/security/bulletin/pixel/2025-05-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •