CVE-2025-23074

LOW Year: 2025
CVSS v3 Score
2.4
Low
Weakness Type
CWE-200
View all →

Vulnerability Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation Mediawiki - SocialProfile Extension allows Functionality Misuse.This issue affects Mediawiki - SocialProfile Extension: from 1.39.X before 1.39.11, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2.

Related Vulnerabilities

CVE-2011-2343

LOW
CVSS:2.4(Low)

The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer.

CWE-2002011

CVE-2016-1000002

LOW
CVSS:2.4(Low)

gdm3 3.14.2 and possibly later has an information leak before screen lock

CWE-2002016

CVE-2016-11027

LOW
CVSS:2.4(Low)

An issue was discovered on Samsung mobile devices with M(6.0) software. In the Shade Locked state, a physically proximate attacker can read notifications on the lock screen. The Samsung ID is SVE-2016...

CWE-2002016

CVE-2016-1852

LOW
CVSS:2.4(Low)

Siri in Apple iOS before 9.3.2 does not block data detectors within results in the lock-screen state, which allows physically proximate attackers to obtain sensitive contact and photo information via ...

CWE-2002016

CVE-2016-3291

LOW
CVSS:2.4(Low)

Microsoft Internet Explorer 11 and Microsoft Edge mishandle cross-origin requests, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Informat...

CWE-2002016

CVE-2016-3562

LOW
CVSS:2.4(Low)

Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to DB...

CWE-2002016