Lucene search
+L

144 matches found

CNNVD
CNNVD
added 2021/12/07 12:0 a.m.6 views

Couchbase Sync Gateway信息泄露漏洞

Couchbase Sync Gateway is a secure web gateway for data access and data synchronization over the web from Couchbase, Inc. A security vulnerability exists in Couchbase Sync Gateway 2.7.0 through 2.8.2, which stems from the fact that the bucket credentials used to read and write data in Couchbase...

8.1CVSS7.7AI score0.00501EPSS
Exploits0References2
NVD
NVD
added 2021/11/02 7:15 p.m.18 views

CVE-2021-41023

A unprotected storage of credentials in Fortinet FortiSIEM Windows Agent version 4.1.4 and below allows an authenticated user to disclosure agent password due to plaintext credential storage in log files...

5.5CVSS0.00212EPSS
Exploits0References1
OSV
OSV
added 2021/09/28 10:15 a.m.3 views

CVE-2021-36165

RICON Industrial Cellular Router S9922L 16.10.33794 is affected by cleartext storage of sensitive information and sends username and password as base64...

5.3CVSS5.8AI score0.00558EPSS
Exploits1References1
OSV
OSV
added 2021/07/15 4:15 p.m.4 views

CVE-2021-20439

IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user...

7.5CVSS7.1AI score0.01185EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/06/10 12:0 a.m.10 views

PT-2021-14708 · Xebialabs +1 · Jenkins Xebialabs Xl Deploy Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins XebiaLabs XL Deploy Plugin versions 10.0.1 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through...

8.8CVSS8.7AI score0.00662EPSS
Exploits0References8
OSV
OSV
added 2021/04/22 9:15 p.m.6 views

CVE-2021-27392

A vulnerability has been identified in Siveillance Video Open Network Bridge 2020 R3, Siveillance Video Open Network Bridge 2020 R2, Siveillance Video Open Network Bridge 2020 R1, Siveillance Video Open Network Bridge 2019 R3, Siveillance Video Open Network Bridge 2019 R2, Siveillance Video Open...

8.8CVSS7.2AI score0.01183EPSS
Exploits0References1
OSV
OSV
added 2020/11/17 3:15 p.m.5 views

CVE-2020-27557

Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 allows local users to gain access to the video streaming username and password via SQLite files containing plain text credentials...

5.5CVSS6.1AI score0.00344EPSS
Exploits1References1
CNVD
CNVD
added 2020/07/23 12:0 a.m.5 views

IBM Verify Gateway (IVG) User Credentials Plaintext Storage Vulnerability

IBM Verify Gateway IVG is a cloud-based authentication solution from IBM in the United States. A user credentials plaintext storage vulnerability exists in IBM Verify Gateway IVG. A local attacker could exploit this vulnerability to read user credentials...

7.8CVSS6.6AI score0.00288EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/19 12:0 a.m.9 views

HCL BigFix Platform Credentials Plaintext Storage Vulnerability

HCL BigFix Platform is a suite of endpoint security management platform from HCL India. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in HCL BigFix Platform that stems from the program storing credentials in...

6CVSS6.8AI score0.00196EPSS
Exploits0References1
OSV
OSV
added 2020/04/23 3:15 p.m.3 views

CVE-2019-4668

IBM UrbanCode Deploy UCD 7.0.4.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171250...

5.5CVSS5.8AI score0.00297EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/12/17 12:0 a.m.6 views

PT-2019-14727 · Jenkins · Jenkins Weibo Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Weibo Plugin versions 1.0.1 and earlier Description: The issue allows credentials to be stored unencrypted in the global configuration file on the Jenkins master. This can be viewed by users with access to the master file system...

5.5CVSS6.5AI score0.0033EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/10/23 12:0 a.m.8 views

PT-2019-11855 · Jenkins · Jenkins Dynatrace Application Monitoring Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Dynatrace Application Monitoring Plugin versions 2.1.3 and earlier Jenkins Dynatrace Application Monitoring Plugin versions prior to 2.1.4 Description: The issue concerns the storage of credentials in the global configuration file on...

7.8CVSS7.5AI score0.00333EPSS
Exploits0References6
Prion
Prion
added 2019/09/25 4:15 p.m.15 views

Design/Logic Flaw

Jenkins Call Remote Job Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

4CVSS6.5AI score0.01001EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2019/09/25 12:0 a.m.11 views

PT-2019-11814 · Jenkins · Jenkins Assembla Auth Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Assembla Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file of the Jenkins Assembla Plugin on the Jenkins master or controlle...

5.5CVSS5.3AI score0.00348EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/09/25 12:0 a.m.8 views

PT-2019-11819 · Jenkins · Jenkins Google Calendar Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Google Calendar Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master. Specifically, the Google Calendar Plugin stores ...

6.5CVSS6.4AI score0.01001EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/09/24 12:0 a.m.9 views

PT-2019-17132 · Ibm · Ibm Security Key Lifecycle Manager

Name of the Vulnerable Software and Affected Versions: IBM Security Key Lifecycle Manager versions 3.0 through 3.0.1 Description: The issue allows a local user to read user credentials stored in plain text. Recommendations: For versions 3.0 and 3.0.1, consider restricting access to the credential...

6.2CVSS5.6AI score0.00237EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2019/07/31 12:0 a.m.7 views

PT-2019-11757 · Jenkins · Jenkins Maven Release Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Maven Release Plugin versions 0.14.0 and earlier Description: The issue concerns the storage of credentials in an unencrypted manner on the Jenkins master, allowing users with access to the master file system to view them. Specificall...

5.5CVSS5.1AI score0.00471EPSS
Exploits0References6
Prion
Prion
added 2019/07/11 2:15 p.m.12 views

Design/Logic Flaw

Jenkins Mashup Portlets Plugin stored credentials unencrypted on the Jenkins master where they can be viewed by users with access to the master file system...

4CVSS8.6AI score0.01832EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2019/07/11 12:0 a.m.5 views

PT-2019-11746 · Jenkins · Jenkins Mashup Portlets Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Mashup Portlets Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner on the Jenkins master, making them accessible to users with file system access. Recommendations...

8.8CVSS8.4AI score0.01832EPSS
Exploits0References7
NVD
NVD
added 2019/04/22 11:29 a.m.35 views

CVE-2019-11402

In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format...

9.8CVSS9.5AI score0.01332EPSS
Exploits0References2
Rows per page
Query Builder