CVSS: 3.3EPSS: %CPEs: -EXPL: 0CVE-2025-2157 – Foreman: disclosure of executed commands and outputs in foreman / red hat satellite
https://notcve.org/view.php?id=CVE-2025-2157
15 Mar 2025 — This issue can lead to information disclosure and privilege escalation if exploited effectively. • https://access.redhat.com/security/cve/CVE-2025-2157 • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 6.5EPSS: %CPEs: 1EXPL: 0CVE-2025-2025 – Give <= 3.22.0 - Missing Authorization to Unauthenticated Arbitrary Earning Reports Disclosure via give_reports_earnings Function
https://notcve.org/view.php?id=CVE-2025-2025
14 Mar 2025 — This makes it possible for unauthenticated attackers to disclose sensitive information included within earnings reports. • CWE-862: Missing Authorization •
CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45638 – IBM QRadar EDR information disclosure
https://notcve.org/view.php?id=CVE-2024-45638
14 Mar 2025 — IBM Security QRadar 3.12 EDR stores user credentials in plain text which can be read by a local privileged user. • https://www.ibm.com/support/pages/node/7185938 • CWE-256: Plaintext Storage of a Password •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45643 – IBM QRadar EDR information disclosure
https://notcve.org/view.php?id=CVE-2024-45643
14 Mar 2025 — IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive credential information. • https://www.ibm.com/support/pages/node/7185938 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2264 – Santesoft Sante PACS Server Path Traversal Information Disclosure
https://notcve.org/view.php?id=CVE-2025-2264
13 Mar 2025 — A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". • https://www.tenable.com/security/research/tra-2025-08 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13407 – Omnipress <= 1.5.4 - Authenticated (Contributor+) Post Disclosure
https://notcve.org/view.php?id=CVE-2024-13407
13 Mar 2025 — The Omnipress plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.5.4 via the megamenu block due to insufficient restrictions on which posts can be included. • https://plugins.trac.wordpress.org/changeset/3254484/omnipress/trunk/includes/Blocks/BlockTypes/Megamenu.php • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 6.0EPSS: 0%CPEs: -EXPL: 0CVE-2025-2002
https://notcve.org/view.php?id=CVE-2025-2002
12 Mar 2025 — CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure of FTP server credentials when the FTP server is deployed, and the device is placed in debug mode by an administrative user and the debug files are exported from the device. CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure of FTP server credentials when the FTP server is deployed, and the device is placed in debug ... • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-070-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-070-01.pdf • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: -EXPL: 0CVE-2025-2239 – Absolute Path Disclosure Vulnerability in Hillstone Next Generation FireWall
https://notcve.org/view.php?id=CVE-2025-2239
12 Mar 2025 — Generation of Error Message Containing Sensitive Information vulnerability in Hillstone Networks Hillstone Next Generation FireWall.This issue affects Hillstone Next Generation FireWall: from 5.5R8P1 before 5.5R8P23. • https://www.hillstonenet.com.cn/security-notification/2025/02/17/stoneosjd • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23242 – NVIDIA Riva Triton Inference Server Missing Authentication Vulnerability
https://notcve.org/view.php?id=CVE-2025-23242
11 Mar 2025 — A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, denial of service, or information disclosure. • https://nvidia.custhelp.com/app/answers/detail/a_id/5625 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2025-24201 – Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2025-24201
11 Mar 2025 — Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. • https://support.apple.com/en-us/122281 • CWE-787: Out-of-bounds Write •