CVE-2020-7513

A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to intercept traffic and read configuration data...

EUVD-2020-28642

Malware in sbrugna...

Security Bulletin: A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions < V5.30).

Summary A vulnerability has been identified in OPUPI0 AMQP/MQTT All versions V5.30. Vulnerability Details CVEID:CVE-2024-31486 DESCRIPTION: A vulnerability has been identified in OPUPI0 AMQP/MQTT All versions V5.30. The affected devices stores MQTT client passwords without sufficient protection o...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python312 (SUSE-SU-2025:02359-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02359-1 advisory. - CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malforme...

CVE-2020-7517

A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to read user credentials...

CVE-2024-8070

CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that exposes test credentials in the firmware binary...

Slackware Linux 15.0 / current expat Vulnerability (SSA:2024-312-01)

The version of expat installed on the remote host is prior to 2.6.4. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-312-01 advisory. New expat packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding descriptio...

CVE-2020-26311 GHSL-2020-312: Regular Expression Denial of Service (ReDoS) in useragent

Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no patches are available...

CVE-2020-26311 GHSL-2020-312: Regular Expression Denial of Service (ReDoS) in useragent

Useragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, no patches are available...

CVE-2024-8070

CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that exposes test credentials in the firmware binary...

CVE-2024-8070

CVE-2024-8070 describes a CWE-312: Cleartext Storage of Sensitive Information vulnerability that exposes test credentials in the firmware binary of Schneider Electric EVlink Home Smart and Schneider Charge firmware. The available connected documents indicate the affected software is Schneider Ele...

CVE-2024-8070

CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that exposes test credentials in the firmware binary...

CVE-2024-8070

CWE-312: Cleartext Storage of Sensitive Information vulnerability exists that exposes test credentials in the firmware binary...

IDEC CORPORATION WindLDR and WindO/I-NV4

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely Vendor : IDEC Corporation Equipment : WindLDR, WindO/I-NV4 Vulnerability : Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain...

JVN#08342147: WindLDR and WindO/I-NV4 store sensitive information in cleartext

PLC programming software "WindLDR" and Operator Interfaces' Touchscreen Programming Software "WindO/I-NV4" provided by IDEC Corporation store sensitive information in cleartext form CWE-312. Impact An attacker who obtained the product's project file may obtain user credentials of the PLC or...

JVN#18715935: Multiple vulnerabilities in GROWI

GROWI provided by WESEEK, Inc. contains multiple vulnerabilities listed below. Stored cross-site scripting vulnerability in the presentation feature CWE-79 - CVE-2023-42436 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVSS v2|...

CVE-2023-40715

A cleartext storage of sensitive information vulnerability CWE-312 in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access to the DB contents to retrieve the plaintext password of external servers configured in the device...

Information disclosure

A cleartext storage of sensitive information vulnerability CWE-312 in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access to the DB contents to retrieve the plaintext password of external servers configured in the device...

CVE-2023-40715

FortiTester (versions 2.3.0–7.2.3) is affected by a cleartext storage of sensitive information (CWE-312). An attacker with access to the device’s database could retrieve plaintext passwords for external servers configured in the device. Root cause is storing sensitive data in plaintext. The conne...

CVE-2023-40715

A cleartext storage of sensitive information vulnerability CWE-312 in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access to the DB contents to retrieve the plaintext password of external servers configured in the device...