CVE-2026-5413

A vulnerability was identified in Newgen OmniDocs up to 12.0.00. Affected by this vulnerability is an unknown functionality of the file /omnidocs/GetWebApiConfiguration. The manipulation of the argument connectionDetails leads to information disclosure. The attack is possible to be carried out...

PT-2026-29865

A vulnerability was identified in Newgen OmniDocs up to 12.0.00. Affected by this vulnerability is an unknown functionality of the file /omnidocs/GetWebApiConfiguration. The manipulation of the argument connectionDetails leads to information disclosure. The attack is possible to be carried out...

CVE-2020-36895

EIBIZ i-Media Server Digital Signage 3.8.0 contains an unauthenticated configuration disclosure vulnerability that allows remote attackers to access sensitive configuration files via direct object reference. Attackers can retrieve the SiteConfig.properties file through an HTTP GET request, exposi...

EUVD-2013-1663

Malware in sbrugna...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the liotargetnaclinfoshow function using a sprintf loop to print iSCSI connection details without checking t...

EUVD-2024-3287

Malicious code in bioql PyPI...

EUVD-2022-27691

Malicious code in bioql PyPI...

EUVD-2025-10696

Malicious code in bioql PyPI...

CVE-2025-29992

Mahara before 24.04.9 exposes database connection information if the database becomes unreachable, e.g., due to the database server being temporarily down or too busy...

CVE-2025-48709 BMC Control-M/Server cleartext database credentials in process lists and logs

BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on,...

CVE-2022-22545

A high privileged user who has access to transaction SM59 can read connection details stored with the destination for http calls in SAP NetWeaver Application Server ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756...

CVE-2013-1631

Verax NMS prior to 2.1.0 leaks connection details when any user executes a Repair Table action...

CVE-2025-32382

Metabase is an open source Business Intelligence and Embedded Analytics tool. When admins change Snowflake connection details in Metabase either updating a password or changing password to private key or vice versa, Metabase would not always purge older Snowflake connection details from the...

CVE-2025-32382

Metabase is an open source Business Intelligence and Embedded Analytics tool. When admins change Snowflake connection details in Metabase either updating a password or changing password to private key or vice versa, Metabase would not always purge older Snowflake connection details from the...

CVE-2025-32382 Snowflake credentials logged by the Metabase backend

Metabase is an open source Business Intelligence and Embedded Analytics tool. When admins change Snowflake connection details in Metabase either updating a password or changing password to private key or vice versa, Metabase would not always purge older Snowflake connection details from the...

CVE-2025-32382 Snowflake credentials logged by the Metabase backend

Metabase is an open source Business Intelligence and Embedded Analytics tool. When admins change Snowflake connection details in Metabase either updating a password or changing password to private key or vice versa, Metabase would not always purge older Snowflake connection details from the...

CVE-2025-32382

Metabase (open source) had a vulnerability where, when admins updated Snowflake connection details, older connection credentials could remain in the application database. Metabase would cycle connection methods and, upon a successful one, log the details including username and password, risking c...

GHSA-M2HH-2M46-X6J5 silverstripe/framework may disclose database credentials during connection failure

When running SilverStripe 3.7 or 4.x in dev mode with the mysqli database driver, there is a potential to disclose the connection details. We have blacklisted the sensitive parts of the connection information from being included in dev mode stack traces when database errors occur...

silverstripe/framework may disclose database credentials during connection failure

When running SilverStripe 3.7 or 4.x in dev mode with the mysqli database driver, there is a potential to disclose the connection details. We have blacklisted the sensitive parts of the connection information from being included in dev mode stack traces when database errors occur...

CVE-2023-38547

A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database...