CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0148 – Zoom Jenkins Marketplace plugin - Missing Password Field Masking
https://notcve.org/view.php?id=CVE-2025-0148
03 Feb 2025 — Missing password field masking in the Zoom Jenkins Marketplace plugin before version 1.6 may allow an unauthenticated user to conduct a disclosure of information via adjacent network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-25007 • CWE-549: Missing Password Field Masking •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2024-49838 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2024-49838
03 Feb 2025 — Information disclosure while parsing the OCI IE with invalid length. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38417 – Buffer Over-read in Automotive Multimedia
https://notcve.org/view.php?id=CVE-2024-38417
03 Feb 2025 — Information disclosure while processing IO control commands. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38416 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2024-38416
03 Feb 2025 — Information disclosure during audio playback. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 29EXPL: 0CVE-2024-38414 – Buffer Over-read in Computer Vision
https://notcve.org/view.php?id=CVE-2024-38414
03 Feb 2025 — Information disclosure while processing information on firmware image during core initialization. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-24639 – WordPress Korea for WooCommerce plugin <= 1.1.11 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-24639
03 Feb 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in GREYS Korea for WooCommerce allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/korea-for-woocommerce/vulnerability/wordpress-korea-for-woocommerce-plugin-1-1-11-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-24556 – WordPress MooWoodle plugin <= 3.2.4 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-24556
03 Feb 2025 — Insertion of Sensitive Information into Log File vulnerability in DualCube MooWoodle allows Retrieve Embedded Sensitive Data. • https://patchstack.com/database/wordpress/plugin/moowoodle/vulnerability/wordpress-moowoodle-plugin-3-2-4-sensitive-data-exposure-vulnerability? • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20643
https://notcve.org/view.php?id=CVE-2025-20643
03 Feb 2025 — This could lead to local information disclosure, if an attacker has physical access to the device, if a malicious actor has already obtained the System privilege. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-1295: Debug Messages Revealing Unnecessary Information •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20640
https://notcve.org/view.php?id=CVE-2025-20640
03 Feb 2025 — This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-125: Out-of-bounds Read •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-20638
https://notcve.org/view.php?id=CVE-2025-20638
03 Feb 2025 — This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-457: Use of Uninitialized Variable •