101 matches found
CVE-2026-30928
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all...
DEBIAN-CVE-2026-30928
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all...
CVE-2026-30928
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all...
Glances Exposes Unauthenticated Configuration Secrets
Summary The /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all configured backend services including database passwords, API tokens, JWT...
CVE-2026-2452
Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained a security-relevant bug: It was possible to exfiltrate information...
CVE-2026-2451 Unsafe variable evaluation in email templates
Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained a security-relevant bug: It was possible to exfiltrate information...
CVE-2026-2415 Unsafe variable evaluation in email templates
Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when name is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained two security-relevant bugs: It was possible to exfiltrate information...
pretix 安全漏洞
Pretix is a ticketing software developed by the German company Pretix. Pretix has a security vulnerability. This vulnerability stems from two security-related flaws in the placeholder mechanism. It is possible for malicious placeholders to reveal system configuration information, including databa...
pretix 安全漏洞
Pretix is a ticketing software developed by the German company Pretix. Pretix has a security vulnerability, which stems from a security-related flaw in the placeholder mechanism. This flaw may allow system configuration information to be disclosed through specially crafted placeholder names,...
Brocade SANnav 安全漏洞
Brocade SANnav is a storage area network management software developed by the American company Brocade. Versions of Brocade SANnav prior to 2.4.0a contained security vulnerabilities. These vulnerabilities stemmed from improper logging in the update-reports-purge-settings.sh script, which could le...
CVE-2025-12680
CVE-2025-12680 affects Brocade SANnav prior to version 2.4.0b. In the event of disaster-recovery failover, the standby SANnav server logs database passwords in clear text, enabling a remote authenticated attacker with admin privileges to read the passwords from SANnav logs or the supportsave. The...
PT-2026-5695
Brocade SANnav before Brocade SANnav 2.4.0b logs database passwords in clear text in the standby SANnav server, after disaster recovery failover. The vulnerability could allow a remote authenticated attacker with admin privilege able to access the SANnav logs or the supportsave to read the databa...
Dormakaba Exos 9300 security vulnerabilities
The Dormakaba Exos 9300 is an access control and security management system developed by the American company Dormakaba. The Dormakaba Exos 9300 has a security vulnerability, as the database passwords are derived from static random values. This vulnerability could allow attackers to derive...
Pimcore ENV Variables and Cookie Informations are exposed in http_error_log
Summary The httperrorlog file stores the $COOKIE and $SERVER variables, which means sensitive information such as database passwords, cookie session data, and other details can be accessed or recovered through the Pimcore backend. Details It’s better to remove both lines, as this information make...
EUVD-2008-6666
Malware in sbrugna...
EUVD-2002-2279
Malware in sbrugna...
EUVD-2000-0483
Malware in sbrugna...
EUVD-2019-0014
Malware in sbrugna...
EUVD-2000-0650
Malware in sbrugna...
EUVD-2009-5023
Malware in sbrugna...