CVSS: 5.9EPSS: %CPEs: 2EXPL: 0CVE-2024-43187 – IBM Security Verify Access information disclosure
https://notcve.org/view.php?id=CVE-2024-43187
04 Feb 2025 — IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. • https://www.ibm.com/support/pages/node/7182386 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 2.7EPSS: %CPEs: 2EXPL: 0CVE-2024-45658 – IBM Security Verify Access information disclosure
https://notcve.org/view.php?id=CVE-2024-45658
04 Feb 2025 — IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7182386 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.6EPSS: %CPEs: 2EXPL: 0CVE-2025-23060 – Sensitive Data Exposure Vulnerability in HPE Aruba Networking ClearPass Policy Manager (CPPM)
https://notcve.org/view.php?id=CVE-2025-23060
04 Feb 2025 — A vulnerability in HPE Aruba Networking ClearPass Policy Manager may, under certain circumstances, expose sensitive unencrypted information. Exploiting this vulnerability could allow an attacker to perform a man-in-the-middle attack, potentially granting unauthorized access to network resources as well as enabling data tampering. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04784en_us&docLocale=en_US •
CVSS: 6.8EPSS: %CPEs: 2EXPL: 0CVE-2025-23059 – Sensitive Information Disclosure in HPE Aruba Networking ClearPass Policy Manager
https://notcve.org/view.php?id=CVE-2025-23059
04 Feb 2025 — A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager exposes directories containing sensitive information. If exploited successfully, this vulnerability allows an authenticated remote attacker with high privileges to access and retrieve sensitive data, potentially compromising the integrity and security of the entire system. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04784en_us&docLocale=en_US •
CVSS: 5.3EPSS: %CPEs: 2EXPL: 0CVE-2024-45659 – IBM Security Verify Access information disclosure
https://notcve.org/view.php?id=CVE-2024-45659
04 Feb 2025 — IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned. This information could be used in further attacks against the system. • https://www.ibm.com/support/pages/node/7182386 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-49838 – Buffer Over-read in WLAN HOST
https://notcve.org/view.php?id=CVE-2024-49838
03 Feb 2025 — Information disclosure while parsing the OCI IE with invalid length. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38417 – Buffer Over-read in Automotive Multimedia
https://notcve.org/view.php?id=CVE-2024-38417
03 Feb 2025 — Information disclosure while processing IO control commands. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38416 – Buffer Over-read in Audio
https://notcve.org/view.php?id=CVE-2024-38416
03 Feb 2025 — Information disclosure during audio playback. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-38414 – Buffer Over-read in Computer Vision
https://notcve.org/view.php?id=CVE-2024-38414
03 Feb 2025 — Information disclosure while processing information on firmware image during core initialization. • https://docs.qualcomm.com/product/publicresources/securitybulletin/february-2025-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 6.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-24639 – WordPress Korea for WooCommerce plugin <= 1.1.11 - Sensitive Data Exposure vulnerability
https://notcve.org/view.php?id=CVE-2025-24639
03 Feb 2025 — Insertion of Sensitive Information Into Sent Data vulnerability in GREYS Korea for WooCommerce allows Retrieve Embedded Sensitive Data. This issue affects Korea for WooCommerce: from n/a through 1.1.11. • https://patchstack.com/database/wordpress/plugin/korea-for-woocommerce/vulnerability/wordpress-korea-for-woocommerce-plugin-1-1-11-sensitive-data-exposure-vulnerability? • CWE-201: Insertion of Sensitive Information Into Sent Data •