Total
320 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-20050 | 5 Google, Linuxfoundation, Mediatek and 2 more | 47 Android, Yocto, Mt2713 and 44 more | 2025-04-23 | N/A | 4.4 MEDIUM |
| In flashc, there is a possible information disclosure due to an uncaught exception. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541757; Issue ID: ALPS08541757. | |||||
| CVE-2022-32833 | 1 Apple | 3 Iphone Os, Macos, Safari | 2025-04-21 | N/A | 5.3 MEDIUM |
| An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. This issue is fixed in iOS 16. An unauthorized user may be able to access browsing history. | |||||
| CVE-2025-22983 | 1 Thecosy | 1 Icecms | 2025-04-21 | N/A | 7.5 HIGH |
| An access control issue in the component /square/getAllSquare/circle of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information. | |||||
| CVE-2017-0493 | 1 Google | 1 Android | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability in File-Based Encryption could enable a local malicious attacker to bypass operating system protections for the lock screen. This issue is rated as Moderate due to the possibility of bypassing the lock screen. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-32793550. | |||||
| CVE-2017-16560 | 1 Sandisk | 1 Secureaccess | 2025-04-20 | 2.1 LOW | 4.3 MEDIUM |
| SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user exits the application or if the application crashes. | |||||
| CVE-2017-7253 | 1 Dahuasecurity | 2 Ip Camera, Ip Camera Firmware | 2025-04-20 | 9.0 HIGH | 8.8 HIGH |
| Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Login to the IP camera with admin credentials so as to obtain full control of the target IP camera. During exploitation, the first JSON object encountered has a "Component error: login challenge!" message. The second JSON object encountered has a result indicating a successful admin login. | |||||
| CVE-2017-6911 | 1 Usb Pratirodh Project | 1 Usb Pratirodh | 2025-04-20 | 2.1 LOW | 6.6 MEDIUM |
| USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such as username and password in simple usb.xml. An attacker with physical access to the system can modify the file according his own requirements that may aid in further attack. | |||||
| CVE-2025-22984 | 1 Thecosy | 1 Icecms | 2025-04-18 | N/A | 7.5 HIGH |
| An access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information. | |||||
| CVE-2024-57546 | 1 Cmsimple | 1 Cmsimple | 2025-04-16 | N/A | 7.5 HIGH |
| An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function. | |||||
| CVE-2023-41965 | 1 Socomec | 2 Modulys Gp, Modulys Gp Firmware | 2025-04-15 | N/A | 7.5 HIGH |
| Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process. | |||||
| CVE-2022-40959 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-04-15 | N/A | 6.5 MEDIUM |
| During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. | |||||
| CVE-2024-32236 | 1 Cmseasy | 1 Cmseasy | 2025-04-14 | N/A | 3.5 LOW |
| An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in the index.php component. | |||||
| CVE-2024-23561 | 1 Hcltechsw | 2 Hcl Devops Deploy, Hcl Launch | 2025-04-11 | N/A | 4.3 MEDIUM |
| HCL DevOps Deploy / HCL Launch is vulnerable to sensitive information disclosure vulnerability due to insufficient obfuscation of sensitive values. | |||||
| CVE-2025-29809 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally. | |||||
| CVE-2025-2440 | 2025-04-09 | N/A | 4.2 MEDIUM | ||
| CWE-922: Insecure Storage of Sensitive Information vulnerability exists that could potentially lead to unauthorized access of confidential data when a malicious user, having physical access and advanced information on the file system, sets the radio in factory default mode. | |||||
| CVE-2024-23232 | 1 Apple | 1 Macos | 2025-03-27 | N/A | 3.3 LOW |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.4. An app may be able to capture a user's screen. | |||||
| CVE-2021-36546 | 1 Kitesky | 1 Kitecms | 2025-03-26 | N/A | 7.5 HIGH |
| Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view sensitive information via path in application URL. | |||||
| CVE-2025-20886 | 1 Samsung | 1 Android | 2025-03-25 | N/A | 4.1 MEDIUM |
| Inclusion of sensitive information in test code in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to get test key. | |||||
| CVE-2025-24101 | 1 Apple | 1 Macos | 2025-03-24 | N/A | 5.5 MEDIUM |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.3. An app may be able to access user-sensitive data. | |||||
| CVE-2024-38312 | 1 Mozilla | 1 Firefox | 2025-03-19 | N/A | 6.5 MEDIUM |
| When browsing private tabs, some data related to location history or webpage thumbnails could be persisted incorrectly within the sandboxed app bundle after app termination This vulnerability affects Firefox for iOS < 127. | |||||