CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-38272 – IBM Cloud Pak System information disclosure
https://notcve.org/view.php?id=CVE-2023-38272
27 Mar 2025 — IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 could allow a user with access to the network to obtain sensitive information from CLI arguments. • https://www.ibm.com/support/pages/node/7229212 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37405 – IBM Cloud Pak System information disclosure
https://notcve.org/view.php?id=CVE-2023-37405
27 Mar 2025 — IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 stores sensitive data in memory, that could be obtained by an unauthorized user. • https://www.ibm.com/support/pages/node/7229212 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2025-1998 – IBM UrbanCode Deploy (UCD) / IBM DevOps Deploy information disclosure
https://notcve.org/view.php?id=CVE-2025-1998
27 Mar 2025 — IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 stores potentially sensitive authentication token information in log files that could be read by a local user. • https://www.ibm.com/support/pages/node/7229034 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45361 – Mi Connect Service APP protocol flaws lead to leaking sensitive user information
https://notcve.org/view.php?id=CVE-2024-45361
27 Mar 2025 — The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to leak sensitive user information. • https://trust.mi.com/zh-CN/misrc/bulletins/advisory?cveId=558 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-29486
https://notcve.org/view.php?id=CVE-2025-29486
27 Mar 2025 — libming v0.4.8 was discovered to contain a memory leak via the parseSWF_PLACEOBJECT3 function. • https://github.com/goodmow/PoC/blob/main/libming/libming-fuzz3.readme • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-29488
https://notcve.org/view.php?id=CVE-2025-29488
27 Mar 2025 — libming v0.4.8 was discovered to contain a memory leak via the parseSWF_INITACTION function. • https://github.com/goodmow/PoC/blob/main/libming/libming-fuzz5.readme • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-29489
https://notcve.org/view.php?id=CVE-2025-29489
27 Mar 2025 — libming v0.4.8 was discovered to contain a memory leak via the parseSWF_MORPHLINESTYLES function. • https://github.com/goodmow/PoC/blob/main/libming/libming-fuzz7.readme • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-29497
https://notcve.org/view.php?id=CVE-2025-29497
27 Mar 2025 — libming v0.4.8 was discovered to contain a memory leak via the parseSWF_MORPHFILLSTYLES function. • https://github.com/goodmow/PoC/blob/main/libming/libming-fuzz15.readme • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0CVE-2025-20227 – Information Disclosure through external content warning modal dialog box bypass in Splunk Enterprise Dashboard Studio
https://notcve.org/view.php?id=CVE-2025-20227
26 Mar 2025 — In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.112, 9.2.2403.115, 9.1.2312.208 and 9.1.2308.214, a low-privileged user that does not hold the "admin" or "power" Splunk roles could bypass the external content warning modal dialog box in Dashboard Studio dashboards which could lead to an information disclosure. • https://advisory.splunk.com/advisories/SVD-2025-0306 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2025-20231 – Sensitive Information Disclosure in Splunk Secure Gateway App
https://notcve.org/view.php?id=CVE-2025-20231
26 Mar 2025 — In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a search using the permissions of a higher-privileged user that could lead to disclosure of sensitive information. • https://advisory.splunk.com/advisories/SVD-2025-0302 • CWE-532: Insertion of Sensitive Information into Log File •