CVE-2025-0148

Missing password field masking in the Zoom Jenkins Marketplace plugin before version 1.6 may allow an unauthenticated user to conduct a disclosure of information via adjacent network access.

This Cyber News was published on www.tenable.com. Publication date: Tue, 04 Feb 2025 06:57:03 +0000

Cyber News related to CVE-2025-0148

CVE-2025-0148 - Missing password field masking in the Zoom Jenkins Marketplace plugin before version 1.6 may allow an unauthenticated user to conduct a disclosure of information via adjacent network access. ...
10 hours ago Tenable.com

Microsoft releases first Windows Server 2025 preview build - Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which ...
1 year ago Bleepingcomputer.com

CVE-2017-0144 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 years ago

CVE-2017-0148 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 months ago

CVE-2017-0143 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 years ago

CVE-2017-0145 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 years ago

CVE-2017-0146 - The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to ...
6 years ago

CVE-2009-0148 - Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as (1) source-code tokens and (2) pathnames, related to integer overflows in some cases. NOTE: this issue exists because ...
7 years ago

CVE-2021-0148 - Insertion of information into log file in firmware for some Intel(R) SSD DC may allow a privileged user to potentially enable information disclosure via local access. ...
3 years ago

CVE-1999-0148 - The handler CGI program in IRIX allows arbitrary command execution. ...
16 years ago

CVE-2003-0148 - The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from ...
16 years ago

CVE-2013-0148 - The Data Camouflage (aka FairCom Standard Encryption) algorithm in FairCom c-treeACE does not ensure that a decryption key is needed for accessing database contents, which allows context-dependent attackers to read cleartext database records by ...
8 years ago

CVE-2006-0148 - NetSarang Xlpd 2.1 allows remote attackers to cause a denial of service (crash) via a large number of connections from the same IP address. ...
7 years ago

CVE-2010-0148 - Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via "a series of TCP packets." Per: ...
7 years ago

CVE-2011-0148 - WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different ...
7 years ago

CVE-2005-0148 - Thunderbird before 0.9, when running on Windows systems, uses the default handler when processing javascript: links, which invokes Internet Explorer and may expose the Thunderbird user to vulnerabilities in the version of Internet Explorer that is ...
7 years ago

CVE-2008-0148 - TUTOS 1.3 does not restrict access to php/admin/cmd.php, which allows remote attackers to execute arbitrary shell commands via the cmd parameter in a direct request. ...
7 years ago

CVE-2004-0148 - wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead. ...
6 years ago

CVE-2001-0148 - The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability. ...
6 years ago

CVE-2016-0148 - Microsoft .NET Framework 4.6 and 4.6.1 mishandles library loading, which allows local users to gain privileges via a crafted application, aka ".NET Framework Remote Code Execution Vulnerability." ...
6 years ago

CVE-2007-0148 - Format string vulnerability in OmniGroup OmniWeb 5.5.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via format string specifiers in the Javascript alert function. ...
6 years ago

CVE-2000-0148 - MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string. ...
5 years ago

CVE-2018-0148 - A vulnerability in the web-based management interface of Cisco UCS Director Software and Cisco Integrated Management Controller (IMC) Supervisor Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) ...
5 years ago

CVE-2020-0148 - In btu_hcif_pin_code_request_evt, btu_hcif_link_key_request_evt, and btu_hcif_link_key_notification_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via ...
4 years ago

CVE-2012-0148 - afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platforms does not properly validate user-mode input ...
4 years ago

Latest Cyber News

CVE-2025-24982 - 4 hours ago
CVE-2025-22475 - 6 hours ago
CVE-2025-1003 - 9 hours ago
CVE-2025-0148 - 10 hours ago
CVE-2025-24957 - 11 hours ago
CVE-2025-24958 - 11 hours ago
CVE-2025-22129 - 11 hours ago
CVE-2025-23210 - 11 hours ago
CVE-2025-24029 - 11 hours ago
CVE-2025-24371 - 11 hours ago
CVE-2025-24901 - 11 hours ago
CVE-2025-24902 - 11 hours ago
CVE-2025-24905 - 11 hours ago
CVE-2025-24906 - 11 hours ago
CVE-2024-35177 - 11 hours ago
CVE-2024-47770 - 11 hours ago
CVE-2025-24960 - 12 hours ago
CVE-2025-24961 - 12 hours ago
CVE-2025-24962 - 12 hours ago
CVE-2025-22918 - 12 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2024-20141 - 1 day ago
CVE-2024-20142 - 1 day ago
CVE-2024-20147 - 1 day ago
CVE-2025-20631 - 1 day ago
CVE-2025-20632 - 1 day ago
CVE-2025-20633 - 1 day ago
CVE-2025-20634 - 1 day ago
CVE-2025-20635 - 1 day ago
CVE-2025-20636 - 1 day ago
CVE-2025-20637 - 1 day ago
CVE-2025-20638 - 1 day ago
CVE-2025-20639 - 1 day ago
CVE-2025-20640 - 1 day ago
CVE-2025-20641 - 1 day ago
CVE-2025-20642 - 1 day ago
CVE-2025-20643 - 1 day ago
CVE-2025-25062 - 1 day ago
CVE-2025-25063 - 1 day ago
CVE-2024-57966 - 1 day ago
CVE-2024-13347 - 1 day ago