Total
265 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-4229 | 2025-06-16 | N/A | N/A | ||
| An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW and Prisma® Access are not affected by this vulnerability. | |||||
| CVE-2025-31045 | 2025-06-12 | N/A | 7.5 HIGH | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in elfsight elfsight Contact Form widget allows Retrieve Embedded Sensitive Data. This issue affects elfsight Contact Form widget: from n/a through 2.3.1. | |||||
| CVE-2025-0036 | 2025-06-12 | N/A | 3.2 LOW | ||
| In AMD Versal Adaptive SoC devices, the incorrect configuration of the SSS during runtime (post-boot) cryptographic operations could cause data to be incorrectly written to and read from invalid locations as well as returning incorrect cryptographic data. | |||||
| CVE-2024-53814 | 1 Analytify | 1 Analytify - Google Analytics Dashboard | 2025-06-09 | N/A | 6.5 MEDIUM |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Analytify.This issue affects Analytify: from n/a through 5.4.3. | |||||
| CVE-2025-47540 | 1 Wedevs | 1 Wemail | 2025-06-09 | N/A | 5.3 MEDIUM |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs weMail allows Retrieve Embedded Sensitive Data. This issue affects weMail: from n/a through 1.14.13. | |||||
| CVE-2025-5893 | 2025-06-09 | N/A | 9.8 CRITICAL | ||
| Smart Parking Management System from Honding Technology has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to access a specific page and obtain plaintext administrator credentials. | |||||
| CVE-2025-49419 | 2025-06-06 | N/A | 5.5 MEDIUM | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in esigngenie Foxit eSign for WordPress allows Retrieve Embedded Sensitive Data. This issue affects Foxit eSign for WordPress: from n/a through 2.0.3. | |||||
| CVE-2025-23969 | 2025-06-06 | N/A | 5.3 MEDIUM | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences allows Retrieve Embedded Sensitive Data. This issue affects KI Live Video Conferences: from n/a through 5.5.15. | |||||
| CVE-2025-2236 | 2025-05-28 | N/A | N/A | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in OpenText Advanced Authentication allows Information Elicitation. The vulnerability could reveal sensitive information while managing and configuring of the external services. This issue affects Advanced Authentication versions before 6.5. | |||||
| CVE-2025-30170 | 2025-05-23 | N/A | 5.5 MEDIUM | ||
| Exposure of file path, file size or file existence vulnerabilities in ASPECT provide attackers access to file system information if session administrator credentials become compromised. This issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03. | |||||
| CVE-2025-39394 | 2025-05-21 | N/A | 5.3 MEDIUM | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Solid Plugins AnalyticsWP allows Retrieve Embedded Sensitive Data.This issue affects AnalyticsWP: from n/a through 2.1.2. | |||||
| CVE-2025-4364 | 2025-05-21 | N/A | N/A | ||
| The affected products could allow an unauthenticated attacker to access system information that could enable further access to sensitive files and obtain administrative credentials. | |||||
| CVE-2025-23382 | 1 Dell | 1 Secure Connect Gateway | 2025-05-20 | N/A | 5.5 MEDIUM |
| Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.c | |||||
| CVE-2025-31062 | 2025-05-19 | N/A | 4.3 MEDIUM | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in redqteam Wishlist allows Retrieve Embedded Sensitive Data. This issue affects Wishlist: from n/a through 2.1.0. | |||||
| CVE-2025-32299 | 2025-05-19 | N/A | 4.3 MEDIUM | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themovation QuickCal allows Retrieve Embedded Sensitive Data. This issue affects QuickCal: from n/a through 1.0.15. | |||||
| CVE-2025-48024 | 2025-05-16 | N/A | 5.0 MEDIUM | ||
| In BlueWave Checkmate before 2.1, an authenticated regular user can access sensitive application secrets via the /api/v1/settings endpoint. | |||||
| CVE-2025-22222 | 1 Vmware | 2 Aria Operations, Cloud Foundation | 2025-05-14 | N/A | 7.7 HIGH |
| VMware Aria Operations contains an information disclosure vulnerability. A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known. | |||||
| CVE-2025-46747 | 2025-05-12 | N/A | 5.7 MEDIUM | ||
| An authenticated user without user-management permissions could identify other user accounts. | |||||
| CVE-2025-3606 | 2025-04-29 | N/A | 7.5 HIGH | ||
| Vestel AC Charger version 3.75.0 contains a vulnerability that could enable an attacker to access files containing sensitive information, such as credentials which could be used to further compromise the device. | |||||
| CVE-2025-30686 | 1 Oracle | 1 Hospitality Simphony | 2025-04-21 | N/A | 7.6 HIGH |
| Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: EMC). Supported versions that are affected are 19.1-19.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Simphony accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Simphony accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hospitality Simphony. CVSS 3.1 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L). | |||||