CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36026 – IBM Datacap information disclosure
https://notcve.org/view.php?id=CVE-2025-36026
28 Jun 2025 — IBM Datacap 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. • https://www.ibm.com/support/pages/node/7238443 • CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-53322 – WordPress Accept Authorize.NET Payments Using Contact Form 7 plugin <= 2.5 - Sensitive Data Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2025-53322
27 Jun 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Authorize.NET Payments Using Contact Form 7 allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/accept-authorize-net-payments-using-contact-form-7/vulnerability/wordpress-accept-authorize-net-payments-using-contact-form-7-plugin-2-5-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-53309 – WordPress Accept Stripe Payments Using Contact Form 7 plugin <= 3.0 - Sensitive Data Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2025-53309
27 Jun 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in ZealousWeb Accept Stripe Payments Using Contact Form 7 allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/accept-stripe-payments-using-contact-form-7/vulnerability/wordpress-accept-stripe-payments-using-contact-form-7-plugin-3-0-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-53211 – WordPress Audio Editor & Recorder plugin <= 2.2.3 - Sensitive Data Exposure Vulnerability
https://notcve.org/view.php?id=CVE-2025-53211
27 Jun 2025 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roland Beaussant Audio Editor & Recorder allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/audio-editor-recorder/vulnerability/wordpress-audio-editor-recorder-plugin-2-2-3-sensitive-data-exposure-vulnerability? • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 9.4EPSS: 0%CPEs: -EXPL: 0CVE-2025-6793 – Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6793
27 Jun 2025 — This vulnerability allows remote attackers to delete arbitrary files and disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to delete files and disclose information in the context of SYSTEM. •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-6795 – Marvell QConvergeConsole getFileUploadSize Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6795
27 Jun 2025 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-6796 – Marvell QConvergeConsole getAppFileBytes Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6796
27 Jun 2025 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-6797 – Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6797
27 Jun 2025 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-6799 – Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6799
27 Jun 2025 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-6800 – Marvell QConvergeConsole restoreESwitchConfig Directory Traversal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-6800
27 Jun 2025 — This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. ... An attacker can leverage this vulnerability to disclose information in the context of SYSTEM. •