80 matches found
CVE-2025-65841
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file /Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate...
PT-2025-48966
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file /Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate...
EUVD-2007-0657
Malware in sbrugna...
EUVD-2022-3881
Malicious code in bioql PyPI...
Security Bulletin: Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly, which affects IBM watsonx.data
Summary Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. These can affect...
CVE-2025-32377 Rasa Pro Missing Authentication For Voice Connector APIs
Rasa Pro is a framework for building scalable, dynamic conversational AI assistants that integrate large language models LLMs. A vulnerability has been identified in Rasa Pro where voice connectors in Rasa Pro do not properly implement authentication even when a token is configured in the...
Apache Hive Authorization Issues Vulnerability
Apache Hive is a set of data warehouse software based on Hadoop Distributed Systems Infrastructure from the Apache Apache Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. An...
GHSA-C476-J253-5RGQ Apache Hive Incorrectly Assigns Permissions for a Critical Resource
Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are recommended to...
Apache Hive Incorrectly Assigns Permissions for a Critical Resource
Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are recommended to...
CVE-2024-29869
Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are recommended to...
CVE-2024-29869
Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are recommended to...
CVE-2024-29869 Apache Hive: Credentials file created with non restrictive permissions
Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are recommended to...
CVE-2024-29869 Apache Hive: Credentials file created with non restrictive permissions
Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are recommended to...
CVE-2024-29869
CVE-2024-29869 describes a permission misconfiguration where Hive writes a credentials file to a temporary directory with 644 permissions when unconstrained, allowing read access by unauthorized users. The issue is documented for Hive and is reflected in IBM watsonx.data advisories, which cite af...
Apache Hive 安全漏洞
Apache Hive is a set of data warehouse software based on Hadoop Distributed Systems Infrastructure from the Apache Apache Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. An...
VulnCheck KEV: CVE-2024-45841
Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the information containing credentials may be obtained...
PT-2024-36224 · Campbell Scientific · Campbell Scientific Csi Web Server
Name of the Vulnerable Software and Affected Versions: Campbell Scientific CSI Web Server affected versions not specified Description: The issue concerns the storage of web authentication credentials in a file with a specific name. The passwords in this file are stored in a weakly encoded format,...
PT-2025-2399 · Hive · Hive
Name of the Vulnerable Software and Affected Versions: Hive versions prior to 4.0.1 Description: The issue arises when Hive creates a credentials file in a temporary directory with default permissions of 644, allowing any unauthorized user with access to the directory to read sensitive informatio...
PT-2024-14035 · Appwrite · Appwrite Cli
Name of the Vulnerable Software and Affected Versions: Appwrite CLI versions prior to 3.0.0 Description: The issue arises when using the login command in Appwrite CLI, where the credentials of the Appwrite user are stored in a /.appwrite/prefs.json file with 0644 as UNIX permissions. This allows...
LinuxCIFS utils: Multiple Vulnerabilities
Background The LinuxCIFS utils are a collection of tools for managing Linux CIFS Client Filesystems. Description Multiple vulnerabilities have been discovered in LinuxCIFS utils. Please review the CVE identifiers referenced below for details. Impact A stack-based buffer overflow when parsing the...