go-retryablehttp: url might write sensitive information to log file

A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information...

The vulnerability of the 1C-Bitrix website content management system, related to insufficient protection of registration data, allows a hacker to gain access to authentication data from the proxy server.

The vulnerability of the 1C-Bitrix website content management system CMS is related to insufficient protection of registration data, allowing attackers to gain access to authentication data from the proxy server...

The vulnerability of the 1C-Bitrix website content management system, related to insufficient protection of registration data, allows a hacker to exploit SMTP settings and gain access to SMTP server authentication data.

The vulnerability of the 1C-Bitrix website content management system is related to insufficient protection of registration data. Exploiting this vulnerability allows a malicious actor to manipulate SMTP settings and gain access to SMTP server authentication data...

The vulnerability of the 1C-Bitrix website content management system, related to insufficient protection of registration data, allows a hacker to gain access to authentication data from the Microsoft Exchange Server server.

The vulnerability of the 1C-Bitrix website content management system is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to gain access to authentication data from the Microsoft Exchange Server server...

The vulnerability of the Windows Ancillary Function Driver for WinSock on Windows operating systems allows attackers to exploit their privileges.

The vulnerability of the Windows Ancillary Function Driver for WinSock operating systems is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

PT-2024-6783 · Microsoft · Windows Ancillary Function Driver For Winsock +1

Name of the Vulnerable Software and Affected Versions: Windows Ancillary Function Driver for WinSock affected versions not specified Description: The issue is related to the use of insecure mechanisms for handling authentication data in the operating system's memory. This could allow an attacker ...

PT-2024-6757 · Microsoft · Windows Remote Desktop Licensing Service +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Licensing Service affected versions not specified Description: The issue is related to the use of insecure mechanisms for handling authentication data in the operating system's memory. It allows remote attackers to...

CVE-2024-41290

FlatPress CMS v1.3.1 1.3 was discovered to use insecure methods to store authentication data via the cookie's component...

CVE-2024-41290

FlatPress CMS v1.3.1 1.3 was discovered to use insecure methods to store authentication data via the cookie's component...

FlatPress 安全漏洞

FlatPress is a Php-based blog builder without database support from the FlatPress community. A security vulnerability exists in FlatPress version v1.3.1, which stems from the use of an insecure method to store authentication data via the cookie component...

CVE-2024-41290

FlatPress CMS versions 1.3.1 (

The vulnerability of the Yealink Meeting Server lies in the insufficient protection of operational data, which allows attackers to gain access to user authentication information.

The vulnerability of the Yealink Meeting Server lies in the insufficient protection of sensitive data. Exploiting this vulnerability can allow a malicious actor to gain access to user authentication credentials remotely...

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems allows a perpetrator to execute arbitrary code.

The vulnerability of the Remote Desktop Licensing Service for Windows operating systems is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

PT-2024-6249 · Microsoft · Windows Remote Desktop Licensing Service +1

Name of the Vulnerable Software and Affected Versions: Windows Remote Desktop Licensing Service affected versions not specified Description: The issue is related to the use of insecure mechanisms for handling authentication data in the operating system's memory. This can allow a remote attacker t...

go-retryablehttp: url might write sensitive information to log file

A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information...

The vulnerability of the PSM Windows Resource Manager service on Windows operating systems allows attackers to increase their privileges.

The vulnerability of the PSM Windows Resource Manager service in the Windows operating system is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Windows operating system’s kernel allows attackers to enhance their privileges.

The vulnerability of Windows operating system kernels is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the clipboard data exchange service between devices via the Windows operating system’s Clipboard Virtual Channel Extension allows a hacker to execute arbitrary code.

The vulnerability of the clipboard service between devices under the Windows operating system’s Virtual Channel Extension relies on the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability allows a remote attacker to execute...

go-retryablehttp: url might write sensitive information to log file

A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information...