18 matches found
Astra Linux - уязвимость в librabbitmq
A vulnerability was discovered in the C AMQP client library also known as rabbitmq-c for RabbitMQ in versions up to 0.13.0. credentials can only be entered via the command line e.g., for amqp-publish or amqp-consume, and therefore they are visible to local attackers who can list processes along...
Linux Distros Unpatched Vulnerability : CVE-2026-33247
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run wi...
CVE-2026-33247
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...
CVE-2026-33247
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...
CVE-2025-67860 NeuVector scanner insecurely handles passwords as command arguments
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...
GHSA-3C9M-GQ32-G4JX NeuVector scanner insecurely handles passwords as command arguments
Impact A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users. This may allow unauthorized access to registries or the NeuVector...
Alibaba Cloud Linux 3 : 0059: librabbitmq (ALINUX3-SA-2024:0059)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0059 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-35789: An issue was discovered in the C AM...
Zyxel USG FLEX 安全漏洞
Zyxel USG FLEX is a firewall from China Hopkins Zyxel. Offering flexible VPN options IPsec, SSL or L2TP, it provides flexible and secure remote access for remote work and management. A security vulnerability exists in Zyxel USG FLEX that stems from inadequate protection against credentials in CLI...
PT-2024-28855 · No Ip · No-Ip Dynamic Update Client
Name of the Vulnerable Software and Affected Versions: No-IP Dynamic Update Client DUC versions 3.x Description: The No-IP Dynamic Update Client DUC v3.x uses cleartext credentials that may occur on a command line or in a file. The vendor's position is that cleartext in /etc/default/noip-duc is...
rabbitmq-c/librabbitmq: Insecure credentials submission
A flaw was found in librabbitmq. This issue occurs because credentials can only be entered on the command line for example, for amqp-publish or amqp-consume and are visible to local attackers by listing a process and its arguments...
DEBIAN-CVE-2023-35789
An issue was discovered in the C AMQP client library aka rabbitmq-c through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line e.g., for amqp-publish or amqp-consume and are thus visible to local attackers by listing a process and its arguments...
ALPINE-CVE-2023-35789
An issue was discovered in the C AMQP client library aka rabbitmq-c through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line e.g., for amqp-publish or amqp-consume and are thus visible to local attackers by listing a process and its arguments...
AZL-43804 CVE-2023-35789 affecting package librabbitmq 0.10.0-4
An issue was discovered in the C AMQP client library aka rabbitmq-c through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line e.g., for amqp-publish or amqp-consume and are thus visible to local attackers by listing a process and its arguments...
UBUNTU-CVE-2023-35789
An issue was discovered in the C AMQP client library aka rabbitmq-c through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line e.g., for amqp-publish or amqp-consume and are thus visible to local attackers by listing a process and its arguments...
rabbitmq-c 安全漏洞
rabbitmq-c is a C-based AMQP Advanced Message Queuing Protocol client library. A security vulnerability exists in versions of rabbitmq-c prior to 0.13.0, which stems from the fact that credentials can only be entered on the command line, and can be exploited by an attacker to view credentials by...
Important: Red Hat Security Advisory: JBoss Enterprise SOA Platform 5.3.1 update
JBoss Enterprise SOA Platform 5.3.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS...
JBoss: twiddle.sh accepts credentials as command line arguments, exposing them to other local users via a process listing
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments...
JBoss: twiddle.sh accepts credentials as command line arguments, exposing them to other local users via a process listing
twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments, which allows local users to read the credentials by listing the process and its arguments...