Lucene search
K

144 matches found

CNNVD
CNNVD
added 2026/03/16 12:0 a.m.6 views

Albert Health 安全漏洞

Albert Health is a health management application developed by Albert Health Corporation. Versions of Albert Health prior to 1.7.3 contain security vulnerabilities. These vulnerabilities stem from improper handling of the resources/assets/service-account.json file associated with the Google Cloud...

2.5CVSS5.8AI score0.00099EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.6 views

PT-2026-25765

A vulnerability was found in Albert Sağlık Hizmetleri ve Ticaret Albert Health up to 1.7.3 on Android. Affected is an unknown function of the file resources/assets/service-account.json of the component Google Cloud Service Account Key Handler. Performing a manipulation results in unprotected...

2.5CVSS4.8AI score0.00099EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.10 views

PT-2026-25760

A weakness has been identified in La Nacion App 10.2.25 on Android. This impacts an unknown function of the file source/app/lanacion/clublanacion/BuildConfig.java of the component app.lanacion.activity. Executing a manipulation of the argument API KEY WEBSOCKET CV can lead to unprotected storage ...

8.8CVSS5.1AI score0.01494EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2025/12/29 2:3 p.m.7 views

CVE-2025-15128

A vulnerability was detected in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2. This affects an unknown part of the file /base/safesetting/ of the component Endpoint. Performing a manipulation of the argument backupencryptionpassworddecrypt/exportencryptionpassworddecrypt results in unprotected storage o...

6.9CVSS5.5AI score0.00272EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/28 8:32 a.m.3 views

CVE-2025-15128 ZKTeco BioTime Endpoint safe_setting credentials storage

A vulnerability was detected in ZKTeco BioTime up to 9.0.3/9.0.4/9.5.2. This affects an unknown part of the file /base/safesetting/ of the component Endpoint. Performing a manipulation of the argument backupencryptionpassworddecrypt/exportencryptionpassworddecrypt results in unprotected storage o...

6.9CVSS5.5AI score0.00272EPSS
Exploits0References6
CVE
CVE
added 2025/12/28 8:32 a.m.23 views

CVE-2025-15128

ZKTeco BioTime Endpoint (affected: up to 9.0.3/9.0.4/9.5.2) contains a vulnerability in the file /base/safe_setting/ within the Endpoint component. Manipulating the arguments backup_encryption_password_decrypt/export_encryption_password_decrypt can lead to unprotected storage of credentials. Remo...

6.9CVSS5.5AI score0.00272EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2025/12/23 12:0 a.m.189 views

📄 Backdoor.Win32.Netbus.170 MVID-2025-0703 Insecure Credential Storage

Backdoor.Win32.Netbus.170 malware listens on TCP ports 12632 and 12631. The backdoor server password "ecoli" is stored in cleartext in an .INI textfile, stored under "C:\Windows" having the same name as the malware. Third party attackers who have knowledge of the password can login and issue...

7.3AI score
Exploits0
Redos
Redos
added 2025/12/23 12:0 a.m.7 views

ROS-20251223-7320

Vulnerability in jenkins related to unencrypted storage of credentials. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information...

4.3CVSS6.8AI score0.00139EPSS
Exploits0
Redos
Redos
added 2025/12/23 12:0 a.m.8 views

ROS-20251223-7319

Vulnerability in jenkins related to unencrypted storage of credentials. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information...

4.3CVSS6.8AI score0.00159EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/12/07 3:2 a.m.4 views

CVE-2025-14183 SGAI Space1 NAS N1211DS gsaiagent JSONAPI GET_USER_INFO credentials storage

A vulnerability was found in SGAI Space1 NAS N1211DS up to 1.0.915. This issue affects the function GETFACTORYINFO/GETUSERINFO of the file /cgi-bin/JSONAPI of the component gsaiagent. The manipulation results in unprotected storage of credentials. The attack can be launched remotely. The exploit...

5.3CVSS6.4AI score0.00231EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/07 3:2 a.m.22 views

CVE-2025-14183 SGAI Space1 NAS N1211DS gsaiagent JSONAPI GET_USER_INFO credentials storage

A vulnerability was found in SGAI Space1 NAS N1211DS up to 1.0.915. This issue affects the function GETFACTORYINFO/GETUSERINFO of the file /cgi-bin/JSONAPI of the component gsaiagent. The manipulation results in unprotected storage of credentials. The attack can be launched remotely. The exploit...

5.3CVSS0.00231EPSS
Exploits0References6
CVE
CVE
added 2025/12/07 3:2 a.m.17 views

CVE-2025-14183

SGAI Space1 NAS N1211DS (≤1.0.915) is affected by CVE-2025-14183 in the gsaiagent component, specifically GET_FACTORY_INFO/GET_USER_INFO in /cgi-bin/JSONAPI. The issue enables unprotected storage of credentials and is exploitable remotely; public exploit material exists. Red Hat/EUVD/NVD entries ...

5.3CVSS6.4AI score0.00231EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/07 12:0 a.m.6 views

PT-2025-49394

A vulnerability was found in SGAI Space1 NAS N1211DS up to 1.0.915. This issue affects the function GET FACTORY INFO/GET USER INFO of the file /cgi-bin/JSONAPI of the component gsaiagent. The manipulation results in unprotected storage of credentials. The attack can be launched remotely. The...

5.3CVSS6.7AI score0.00231EPSS
Exploits0References7
OSV
OSV
added 2025/12/03 5:15 p.m.7 views

CVE-2025-65841

Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file /Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate...

6.2CVSS5.8AI score0.00182EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/11/15 7:32 p.m.6 views

CVE-2025-13221 Intelbras UnniTI usuarios.xml credentials storage

A weakness has been identified in Intelbras UnniTI 24.07.11. The affected element is an unknown function of the file /xml/sistema/usuarios.xml. Executing manipulation of the argument Usuario/Senha can lead to unprotected storage of credentials. The attack can be executed remotely. The exploit has...

6.9CVSS0.00321EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/15 7:32 p.m.4 views

CVE-2025-13221 Intelbras UnniTI usuarios.xml credentials storage

A weakness has been identified in Intelbras UnniTI 24.07.11. The affected element is an unknown function of the file /xml/sistema/usuarios.xml. Executing manipulation of the argument Usuario/Senha can lead to unprotected storage of credentials. The attack can be executed remotely. The exploit has...

6.9CVSS6.4AI score0.00321EPSS
Exploits0References4
CVE
CVE
added 2025/11/15 7:32 p.m.19 views

CVE-2025-13221

CVE-2025-13221 affects Intelbras UnniTI 24.07.11. The vulnerability is in an unknown function in the file /xml/sistema/usuarios.xml where manipulating the argument Usuario/Senha can cause unprotected storage of credentials. The issue can be exploited remotely, and public exploits exist. Connected...

6.9CVSS5.4AI score0.00321EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/15 12:0 a.m.4 views

PT-2025-47063

Name of the Vulnerable Software and Affected Versions Intelbras UnniTI version 24.07.11 Description A weakness exists in Intelbras UnniTI 24.07.11 related to the storage of credentials. Manipulation of the Senha argument within the Usuario element of the /xml/sistema/usuarios.xml file can lead to...

6.9CVSS6.4AI score0.00321EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/11/14 10:2 p.m.8 views

CVE-2025-13187 Intelbras ICIP acessodeusuario.xml credentials storage

A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown function of the file /xml/sistema/acessodeusuario.xml. Such manipulation of the argument NomeUsuario/SenhaAcess leads to unprotected storage of credentials. The attack may be launched remotely. The exploit...

6.9CVSS0.00472EPSS
Exploits1References4
CVE
CVE
added 2025/11/14 10:2 p.m.11 views

CVE-2025-13187

CVE-2025-13187 (Intelbras ICIP 2.0.20) affects an unknown function in the file /xml/sistema/acessodeusuario.xml, where manipulation of the NomeUsuario/SenhaAcess arguments leads to unprotected storage of credentials. The vulnerability can be exploited remotely, and public disclosures exist. Conne...

7.5CVSS5.5AI score0.00472EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder