CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-20649
https://notcve.org/view.php?id=CVE-2025-20649
03 Mar 2025 — In Bluetooth Stack SW, there is a possible information disclosure due to a missing permission check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2025 • CWE-280: Improper Handling of Insufficient Permissions or Privileges •
CVSS: 5.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-20648
https://notcve.org/view.php?id=CVE-2025-20648
03 Mar 2025 — This could lead to local information disclosure with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/March-2025 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2025-25951
https://notcve.org/view.php?id=CVE-2025-25951
03 Mar 2025 — An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows attackers to access sensitive user information. • https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89638 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-55907 – IBM Cognos Mobile information disclosure
https://notcve.org/view.php?id=CVE-2024-55907
02 Mar 2025 — IBM Cognos Analytics Mobile 1.1 for iOS application could allow an attacker to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used due to weak obfuscation. • https://www.ibm.com/support/pages/node/7184429 • CWE-540: Inclusion of Sensitive Information in Source Code •
CVSS: 2.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0895 – IBM Cognos Mobile information disclosure
https://notcve.org/view.php?id=CVE-2025-0895
02 Mar 2025 — IBM Cognos Analytics Mobile 1.1 for Android could allow a user with physical access to the device, to obtain sensitive information from debugging code log messages. • https://www.ibm.com/support/pages/node/7184430 • CWE-215: Insertion of Sensitive Information Into Debugging Code •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-41778 – IBM Controller information disclosure
https://notcve.org/view.php?id=CVE-2024-41778
01 Mar 2025 — IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. • https://www.ibm.com/support/pages/node/7184423 • CWE-521: Weak Password Requirements •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0985 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2025-0985
28 Feb 2025 — IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD stores potentially sensitive information in environment variables that could be obtained by a local user. • https://www.ibm.com/support/pages/node/7184453 • CWE-526: Cleartext Storage of Sensitive Information in an Environment Variable •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54173 – IBM MQ information disclosure
https://notcve.org/view.php?id=CVE-2024-54173
28 Feb 2025 — IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD reveals potentially sensitive information in trace files that could be read by a local user when webconsole trace is enabled. • https://www.ibm.com/support/pages/node/7183370 • CWE-1323: Improper Management of Sensitive Trace Data •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56810 – IBM EntireX information disclosure
https://notcve.org/view.php?id=CVE-2024-56810
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-56496 – IBM EntireX information disclosure
https://notcve.org/view.php?id=CVE-2024-56496
27 Feb 2025 — IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7184194 • CWE-209: Generation of Error Message Containing Sensitive Information •