167 matches found
The vulnerability of the config.xml file in TP-Link Archer C50 Wi-Fi routers allows a hacker to gain unauthorized access to protected information.
The vulnerability of the config.xml file in TP-Link Archer C50 Wi-Fi routers lies in the use of strictly encrypted credentials. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information from a remote location...
The vulnerability of the HPE Networking Instant On configuration and access point management tool lies in its use of strictly encrypted credentials. This allows attackers to circumvent security restrictions and gain increased privileges.
The vulnerability of the HPE Networking Instant On configuration and access point management tool is related to the use of strictly encrypted credentials. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain increased privileges...
The vulnerability of the ColdFusion software platform, which stems from the use of strictly encrypted user credentials, allows attackers to escalate their privileges.
The vulnerability of the ColdFusion software platform is related to the use of strictly encrypted user credentials. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...
The vulnerability of the SSH protocol implementation in the Cisco Nexus Dashboard Fabric Controller (NDFC) and the Cisco Nexus Dashboard platform for analyzing and automating cloud-based data center operations allows attackers to impersonate other users and obtain encrypted user credentials.
The vulnerability of the SSH protocol implementation in the Cisco Nexus Dashboard Fabric Controller NDFC and the Cisco Nexus Dashboard cloud network analytics and automation platform is related to insufficient security checks for the protected connection. Exploiting this vulnerability allows a...
The vulnerability of the dtale library, related to the use of strictly encrypted credentials during the processing of the SECRET_KEY parameter, allows a hacker to bypass existing security restrictions and execute arbitrary code on the server.
The vulnerability of the dtale library lies in the use of strictly encrypted user credentials during the processing of the SECRETKEY parameter. Exploiting this vulnerability allows an attacker to bypass existing security restrictions and execute arbitrary code on the server...
The vulnerability of the telnetd service in D-Link router microprogramming systems such as DIR-605L and DIR-816L allows a hacker to execute arbitrary code.
The vulnerability of the telnetd service in D-Link router microprogramming systems like DIR-605L and DIR-816L lies in the use of strictly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by using the built-in login credentials...
The vulnerability of the Gladinet CentreStack software platform for secure file sharing lies in the use of strictly encrypted user credentials, allowing a hacker to execute arbitrary code.
The vulnerability of the Gladinet CentreStack file sharing software platform lies in the use of strictly encrypted user credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Telnet service of the TOTOLINK A810R router’s microprogramming system allows a intruder to disclose protected information.
The vulnerability of the Telnet service in the microprogramming software of TOTOLINK A810R routers is related to the use of strictly encrypted login credentials. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...
The vulnerability of the /etc/shadow file in TOTOLINK CA300-PoE router microprogramming software allows a hacker to disclose protected information.
The vulnerability of the /etc/shadow file in TOTOLINK CA300-PoE router microprogramming systems is related to the use of strictly encrypted login credentials. Exploiting this vulnerability could allow an attacker to disclose the protected information...
PCDiff: Proactive Control for Ownership Protection in Diffusion Models with Watermark Compatibility
With the growing demand for protecting the intellectual property IP of text-to-image diffusion models, we propose PCDiff -- a proactive access control framework that redefines model authorization by regulating generation quality. At its core, PCDIFF integrates a trainable fuser module and...
uberAgent is unable to read encrypted credentials stored in Windows Credential Store
Customer is attempting to store encrypted credentials in the Windows Credentials Store as described in the uberAgent documentation https://docs.citrix.com/en-us/uberagent/7-3-1/uxm-features-configuration/username-and-configuration-setting-encryption-2.html, but uberAgent is unable to read the...
CVE-2025-25042
A vulnerability in the AOS-CX REST interface could allow an authenticated remote attacker with low privileges to view sensitive information. Successful exploitation could allow an attacker to read encrypted credentials of other users on the switch, potentially leading to further unauthorized acce...
The vulnerability of the JetBrains YouTrack project and task management software interface allows a hacker to obtain the user’s encrypted credentials.
The vulnerability of the JetBrains YouTrack project and task management software interface relates to the disclosure of information through registration files. Exploiting this vulnerability can allow attackers to obtain encrypted user credentials...
The vulnerability of the Yeti threat analysis platform, which relies on the use of strictly encrypted credentials, allows attackers to escalate their privileges.
The vulnerability of the Yeti threat analysis platform is related to the use of strictly encrypted credentials. Exploiting this vulnerability allows a remote attacker to enhance their privileges by using a static JWT token...
The vulnerability of the web interface of Draytek Vigor routers, Draytek Vigor access points, Draytek Vigor switches, and the cloud platform Draytek Vigor Myvigor arises from the use of rigidly encrypted credentials. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the web interface of Draytek Vigor routers, Draytek Vigor access points, Draytek Vigor switches, and the cloud platform Draytek Vigor Myvigor is related to the use of rigidly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to compromise the...
The vulnerability of Dell RecoverPoint’s data protection software for virtual machines, related to the use of strictly encrypted credentials, allows attackers to gain unauthorized access to protected information.
The vulnerability of Dell RecoverPoint’s data protection software for virtual machines relates to the use of strictly encrypted authentication credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information remotely...
The vulnerability of the Hyper-converged Infrastructure of Microsoft Azure Stack (HCI), which stems from the use of strictly encrypted credentials, allows attackers to escalate their privileges.
The vulnerability of the Hyper-converged Infrastructure of Microsoft Azure Stack HCI is related to the use of strictly encrypted credentials. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of Siemens SINEMA Remote Connect lies in its insufficient limit on authentication attempts, allowing attackers to obtain encrypted user credentials.
The vulnerability of Siemens SINEMA Remote Connect relates to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor to obtain encrypted user credentials remotely...
The vulnerability of the Client Communication component of the Siemens SINEMA Remote Connect server allows a hacker to obtain encrypted user credentials.
The vulnerability of the Client Communication component in the Siemens SINEMA Remote Connect server is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor to obtain encrypted user credentials remotely...
The vulnerability of the /etc/shadow file in microprogramming-based router software like LB-LINK allows a hacker to gain unauthorized access to protected information.
The vulnerability of the /etc/shadow file in microprogramming-based router software like LB-LINK lies in the use of strictly encrypted user credentials. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...