64 matches found
CVE-2025-15554
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
EUVD-2025-208695
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
CVE-2025-15554
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
CVE-2025-15554
The CVE concerns Truesec LAPSWebUI (before v2.4) where browser caching of LAPS passwords may allow a workstation user to escalate privileges through disclosure of local admin passwords. Affected component: LAPSWebUI; root cause: passwords cached by the browser. Impact: potential local privilege e...
CVE-2025-15554 Admin Passwords Cached by Browsers in Truesec LAPSWebUI
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
CVE-2025-15554 Admin Passwords Cached by Browsers in Truesec LAPSWebUI
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
Truesec LAPSWebUI 安全漏洞
Truesec LAPSWebUI is a web-based management interface provided by the Swedish company Truesec. Versions of Truesec LAPSWebUI prior to version 2.4 contained security vulnerabilities. These vulnerabilities stemmed from the browser caching of LAPS passwords, which could allow attackers to gain...
PT-2026-25677
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
CVE-2026-26049
The web management interface of the device renders the passwords in a plaintext input field. The current password is directly visible to anyone with access to the UI, potentially exposing administrator credentials to unauthorized observation via shoulder surfing, screenshots, or browser form...
CVE-2026-26049
The web management interface of the device renders the passwords in a plaintext input field. The current password is directly visible to anyone with access to the UI, potentially exposing administrator credentials to unauthorized observation via shoulder surfing, screenshots, or browser form...
CVE-2026-26049
CVE-2026-26049 affects the Jinan USR IOT USR-W610 embedded web interface. The vulnerability is that the web UI renders the administrator password in a plaintext input field, making the current password directly visible to anyone with UI access and enabling credential exposure via shoulder surfing...
CVE-2026-26049 Jinan USR IOT Technology Limited (PUSR) USR-W610 Insufficiently Protected Credentials
The web management interface of the device renders the passwords in a plaintext input field. The current password is directly visible to anyone with access to the UI, potentially exposing administrator credentials to unauthorized observation via shoulder surfing, screenshots, or browser form...
CVE-2026-26049 Jinan USR IOT Technology Limited (PUSR) USR-W610 Insufficiently Protected Credentials
The web management interface of the device renders the passwords in a plaintext input field. The current password is directly visible to anyone with access to the UI, potentially exposing administrator credentials to unauthorized observation via shoulder surfing, screenshots, or browser form...
PT-2026-21241
The web management interface of the device renders the passwords in a plaintext input field. The current password is directly visible to anyone with access to the UI, potentially exposing administrator credentials to unauthorized observation via shoulder surfing, screenshots, or browser form...
CVE-2019-16177
In Limesurvey before 3.17.14, the entire database is exposed through browser caching...
EUVD-2019-6994
Malware in sbrugna...
EUVD-2015-4975
Malware in sbrugna...
EUVD-2008-2140
Malware in sbrugna...
EUVD-2018-10356
Malware in sbrugna...
EUVD-2025-8610
Malicious code in bioql PyPI...