Lucene search
+L

338 matches found

Cvelist
Cvelist
added 2025/07/16 11:18 a.m.10 views

CVE-2025-53755 Cleartext Storage Vulnerability in Digisol DG-GR6821AC Router

This vulnerability exists in Digisol DG-GR6821AC Router due to storage of credentials and PINS without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the unencrypted dat...

5.1CVSS0.00091EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/10 1:30 a.m.9 views

CVE-2025-42979

The GuiXT application, which is integrated with SAP GUI for Windows, uses obfuscation algorithms instead of secure symmetric ciphers for storing the credentials of an RFC user on the client PC. This leads to a high impact on confidentiality because any attacker who gains access to the user hive o...

5.6CVSS7.1AI score0.00129EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/07/08 6:23 p.m.7 views

CVE-2025-48386

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...

6.3CVSS7.5AI score0.00324EPSS
Exploits0
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.6 views

SAP GUI for Windows 安全漏洞

SAP GUI for Windows is an interface graphics software for Windows from SAP, a German company. A security vulnerability exists in SAP GUI for Windows that stems from the use of an obfuscated algorithm to store credentials, which could lead to password disclosure...

5.6CVSS6.6AI score0.00129EPSS
Exploits0References3
CNVD
CNVD
added 2025/06/06 12:0 a.m.2 views

IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2025-12569)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server version 11.7...

6.5CVSS6.2AI score0.00189EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/03 12:11 p.m.9 views

CVE-2025-1499

IBM InfoSphere Information Server 11.7 stores credential information for database authentication in a cleartext parameter file that could be viewed by an authenticated user...

6.5CVSS6.5AI score0.00189EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/01 12:0 a.m.6 views

IBM InfoSphere Information Server 安全漏洞

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server version 11.7...

6.5CVSS5.9AI score0.00189EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 1:15 a.m.10 views

CVE-2022-29959

Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. This environment provides access control functionality through user authentication and privilege management. The credentials for various users a...

5.5CVSS7.1AI score0.00252EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:11 a.m.12 views

CVE-2022-44017

An issue was discovered in Simmeth Lieferantenmanager before 5.6. Due to errors in session management, an attacker can log back into a victim's account after the victim logged out - /LMS/LM/main can be used for this. This is due to the credentials not being cleaned from the local storage after...

7.5CVSS6.6AI score0.0072EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:35 p.m.8 views

CVE-2021-43963

An issue was discovered in Couchbase Sync Gateway 2.7.0 through 2.8.2. The bucket credentials used to read and write data in Couchbase Server were insecurely being stored in the metadata within sync documents written to the bucket. Users with read access could use these credentials to obtain writ...

8.1CVSS6.3AI score0.00501EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:29 p.m.13 views

CVE-2021-29253

The Tableau integration in RSA Archer 6.4 P1 6.4.0.1 through 6.9 P2 6.9.0.2 is affected by an insecure credential storage vulnerability. An malicious attacker with access to the Tableau workbook file may obtain access to credential information to use it in further attacks...

5.5CVSS6.5AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:33 a.m.7 views

CVE-2019-12171

Dropbox.exe and QtWebEngineProcess.exe in the Web Helper in the Dropbox desktop application 71.4.108.0 store cleartext credentials in memory upon successful login or new account creation. These are not securely freed in the running process...

7.8CVSS7AI score0.0092EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:43 a.m.7 views

CVE-2019-5626

The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in a clear text file. This file persists until the user logs out or the session times out from non-usage 30 days of no user activity. This can allow an attacker to compromise the affected BlueCats networ...

7.8CVSS7.1AI score0.00351EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:14 a.m.6 views

CVE-2019-14477

AdRem NetCrunch 10.6.0.4587 has Improper Credential Storage since the internal user database is readable by low-privileged users and passwords in the database are weakly encoded or encrypted...

5.5CVSS7AI score0.00278EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:37 a.m.10 views

CVE-2019-11402

In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format...

9.8CVSS7AI score0.01332EPSS
Exploits0References1
NVD
NVD
added 2025/05/13 1:15 a.m.30 views

CVE-2025-43005

SAP GUI for Windows allows an unauthenticated attacker to exploit insecure obfuscation algorithms used by the GuiXT application to store user credentials. While this issue does not impact the Integrity or Availability of the application, it may have a Low impact on the Confidentiality of data...

4.3CVSS0.00161EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.12 views

PT-2025-20817 · Sap · Sap Gui For Windows

Name of the Vulnerable Software and Affected Versions: SAP GUI for Windows affected versions not specified Description: The issue allows an unauthenticated attacker to exploit insecure obfuscation algorithms used by the GuiXT application to store user credentials. This may have a Low impact on th...

4.3CVSS6.5AI score0.00161EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/05/11 12:0 a.m.4 views

PT-2025-28190 · Ооо 'Сегнетикс' · Segnetics Smconfig

Уязвимость конфигуратора системных настроек Segnetics SMConfig связана с недостаточной защищенностью хранилища учетных данных. Эксплуатация уязвимости может позволяющая нарушителю, действующему удалённо, раскрыть защищаемую информацию путём отправки специально сформированного GET-запроса...

6.8CVSS7.3AI score
Exploits0References1
OSV
OSV
added 2025/05/05 8:15 p.m.8 views

CVE-2025-4286

A vulnerability was found in Intelbras InControl up to 2.21.59. It has been classified as problematic. Affected is an unknown function of the component Dispositivos Edição Page. The manipulation of the argument Senha de Comunicação leads to unprotected storage of credentials. It is possible to...

4.9CVSS4.7AI score0.00443EPSS
Exploits1References4
NVD
NVD
added 2025/05/05 8:15 p.m.26 views

CVE-2025-4286

A vulnerability was found in Intelbras InControl up to 2.21.59. It has been classified as problematic. Affected is an unknown function of the component Dispositivos Edição Page. The manipulation of the argument Senha de Comunicação leads to unprotected storage of credentials. It is possible to...

5.1CVSS0.00443EPSS
Exploits1References4
Rows per page
Query Builder