Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2026/01/21 12:0 a.m.6 views

PT-2026-3842

D-Link D-View 8 versions 2.0.1.107 and below contain an improper access control vulnerability in backend API endpoints. Any authenticated user can supply an arbitrary user id value to retrieve sensitive credential data belonging to other users, including super administrators. The exposed credenti...

8.7CVSS5.7AI score0.00053EPSS
Exploits0References3
CVE
CVEadded 2025/10/31 11:1 a.m.9 views

CVE-2025-40603

SonicWall SMA100 Series appliances (SMA 210, 410, 500v) are affected by CVE-2025-40603. A remote, authenticated administrator may, under certain conditions, view partial user credential data via log files. SonicWall PSIRT provides a fixed-release remediation for SMA100 series; upgrade to the spec...

4.5CVSS5.8AI score0.00046EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2025/10/07 12:30 a.m.10 views

EUVD-2018-10727

Malware in sbrugna...

7.8CVSS7.6AI score0.00033EPSS
Exploits0References3
NVD
NVDadded 2025/08/20 2:15 p.m.2 views

CVE-2025-8448

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products...

1CVSS0.00036EPSS
Exploits0References1
CVE
CVEadded 2025/08/20 1:58 p.m.13 views

CVE-2025-8448

CVE-2025-8448 involves Schneider Electric EcoStruxure Building Operation Enterprise Server and EcoStruxure Enterprise Server. The vulnerability (CWE-200) allows an attacker who can capture local SMB traffic on a BMS network to access sensitive credential data from a valid user, exposing confident...

1CVSS6.7AI score0.00036EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 5:39 a.m.8 views

CVE-2012-4903

Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by obtaining credential data, a different vulnerability than CVE-2012-4906...

5CVSS5.8AI score0.06965EPSS
Exploits1References1
OSV
OSVadded 2019/12/13 6:15 p.m.0 views

CVE-2019-19774

An issue was discovered in Zoho ManageEngine EventLog Analyzer 10.0 SP1 before Build 12110. By running "select hostdetails from hostdetails" at the /event/runquery.do endpoint, it is possible to bypass the security restrictions that prevent even administrative users from viewing credential data...

8.8CVSS7.3AI score
Exploits0References3
OSV
OSVadded 2019/01/25 8:29 p.m.2 views

CVE-2018-19009

Pilz PNOZmulti Configurator prior to version 10.9 allows an authenticated attacker with local access to the system containing the PNOZmulti Configurator software to view sensitive credential data in clear-text. This sensitive data is applicable to only the PMI m107 diag HMI device. An attacker wi...

7.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder