121 matches found
EUVD-2025-38342
Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built-in readonly user can call APIs that should not be allowed. The list of APIs that are affected by this issue is: post:/platform/configuration/security/service-accounts...
CVE-2025-37736
Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built-in readonly user can call APIs that should not be allowed. The list of APIs that are affected by this issue is: post:/platform/configuration/security/service-accounts...
EUVD-2018-4309
Malware in sbrugna...
EUVD-2018-4308
Malware in sbrugna...
EUVD-2021-18741
Malware in sbrugna...
EUVD-2000-0356
Malware in sbrugna...
EUVD-2019-7016
Malware in sbrugna...
EUVD-2018-4304
Malware in sbrugna...
EUVD-2022-7411
Malicious code in bioql PyPI...
EUVD-2025-23307
Malicious code in bioql PyPI...
EUVD-2024-47859
Malicious code in bioql PyPI...
Flock Safety Pisco 安全漏洞
Flock Safety Pisco is a backend authentication module from Flock Safety USA. A security vulnerability exists in Flock Safety Pisco version 6.21.11, which stems from the inclusion of plaintext Auth0 client keys in the codebase, which could lead to key disclosure...
CVE-2025-37111
A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...
CVE-2025-37111
A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...
CVE-2025-37111 Hard-Coded Authentication Keys found in System
A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information...
CVE-2025-37111
CVE-2025-37111 affects the HPE Telco Network Function Virtual Orchestrator. The issue is a vulnerability in the storage policy for certain sets of authentication keys, enabling unauthorized parties to gain access to sensitive system information. The CVSSv3.1 vector indicates Local attack vector, ...
PT-2025-31578 · Hewlett Packard · Hpe Telco Network Function Virtual Orchestrator
Name of the Vulnerable Software and Affected Versions: HPE Telco Network Function Virtual Orchestrator affected versions not specified Description: A vulnerability exists in the storage policy for certain sets of authentication keys. Successful exploitation could lead to unauthorized access to...
Credential Exposure
Overview Affected versions of this package are vulnerable to Credential Exposure via the job configuration form. An attacker can obtain sensitive authentication keys by viewing the exposed values in the user interface. Remediation There is no fixed version for org.jenkins-ci.plugins:vaddy-plugin...
CVE-2025-53669
Jenkins VAddy Plugin 1.2.8 and earlier does not mask Vaddy API Auth Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...
CVE-2025-53669
Jenkins VAddy Plugin 1.2.8 and earlier does not mask Vaddy API Auth Keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...