Lucene search
K

167 matches found

BDU FSTEC
BDU FSTEC
added 2025/07/23 12:0 a.m.5 views

The vulnerability of the config.xml file in TP-Link Archer C50 Wi-Fi routers allows a hacker to gain unauthorized access to protected information.

The vulnerability of the config.xml file in TP-Link Archer C50 Wi-Fi routers lies in the use of strictly encrypted credentials. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to protected information from a remote location...

5.7CVSS5.8AI score0.00252EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/21 12:0 a.m.6 views

The vulnerability of the HPE Networking Instant On configuration and access point management tool lies in its use of strictly encrypted credentials. This allows attackers to circumvent security restrictions and gain increased privileges.

The vulnerability of the HPE Networking Instant On configuration and access point management tool is related to the use of strictly encrypted credentials. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain increased privileges...

10CVSS7.5AI score0.01003EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/13 12:0 a.m.5 views

The vulnerability of the ColdFusion software platform, which stems from the use of strictly encrypted user credentials, allows attackers to escalate their privileges.

The vulnerability of the ColdFusion software platform is related to the use of strictly encrypted user credentials. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

8.8CVSS5.4AI score0.0028EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/06/25 12:0 a.m.5 views

The vulnerability of the SSH protocol implementation in the Cisco Nexus Dashboard Fabric Controller (NDFC) and the Cisco Nexus Dashboard platform for analyzing and automating cloud-based data center operations allows attackers to impersonate other users and obtain encrypted user credentials.

The vulnerability of the SSH protocol implementation in the Cisco Nexus Dashboard Fabric Controller NDFC and the Cisco Nexus Dashboard cloud network analytics and automation platform is related to insufficient security checks for the protected connection. Exploiting this vulnerability allows a...

8.7CVSS5.5AI score0.00365EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/06/06 12:0 a.m.3 views

The vulnerability of the dtale library, related to the use of strictly encrypted credentials during the processing of the SECRET_KEY parameter, allows a hacker to bypass existing security restrictions and execute arbitrary code on the server.

The vulnerability of the dtale library lies in the use of strictly encrypted user credentials during the processing of the SECRETKEY parameter. Exploiting this vulnerability allows an attacker to bypass existing security restrictions and execute arbitrary code on the server...

10CVSS8.2AI score0.77951EPSS
Exploits5References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/26 12:0 a.m.6 views

The vulnerability of the telnetd service in D-Link router microprogramming systems such as DIR-605L and DIR-816L allows a hacker to execute arbitrary code.

The vulnerability of the telnetd service in D-Link router microprogramming systems like DIR-605L and DIR-816L lies in the use of strictly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by using the built-in login credentials...

7.5CVSS6AI score0.00308EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/04/28 12:0 a.m.6 views

The vulnerability of the Gladinet CentreStack software platform for secure file sharing lies in the use of strictly encrypted user credentials, allowing a hacker to execute arbitrary code.

The vulnerability of the Gladinet CentreStack file sharing software platform lies in the use of strictly encrypted user credentials. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.4AI score0.92727EPSS
Exploits6References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/24 12:0 a.m.4 views

The vulnerability of the Telnet service of the TOTOLINK A810R router’s microprogramming system allows a intruder to disclose protected information.

The vulnerability of the Telnet service in the microprogramming software of TOTOLINK A810R routers is related to the use of strictly encrypted login credentials. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

6.5CVSS5.4AI score0.00244EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/19 12:0 a.m.9 views

The vulnerability of the /etc/shadow file in TOTOLINK CA300-PoE router microprogramming software allows a hacker to disclose protected information.

The vulnerability of the /etc/shadow file in TOTOLINK CA300-PoE router microprogramming systems is related to the use of strictly encrypted login credentials. Exploiting this vulnerability could allow an attacker to disclose the protected information...

10CVSS7.7AI score0.00819EPSS
Exploits1References2Affected Software1
Packet Storm News
Packet Storm News
added 2025/04/16 12:0 a.m.4 views

PCDiff: Proactive Control for Ownership Protection in Diffusion Models with Watermark Compatibility

With the growing demand for protecting the intellectual property IP of text-to-image diffusion models, we propose PCDiff -- a proactive access control framework that redefines model authorization by regulating generation quality. At its core, PCDIFF integrates a trainable fuser module and...

7AI score
Exploits0
Citrix
Citrix
added 2025/04/09 12:0 a.m.12 views

uberAgent is unable to read encrypted credentials stored in Windows Credential Store

Customer is attempting to store encrypted credentials in the Windows Credentials Store as described in the uberAgent documentation https://docs.citrix.com/en-us/uberagent/7-3-1/uxm-features-configuration/username-and-configuration-setting-encryption-2.html, but uberAgent is unable to read the...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/20 7:21 p.m.13 views

CVE-2025-25042

A vulnerability in the AOS-CX REST interface could allow an authenticated remote attacker with low privileges to view sensitive information. Successful exploitation could allow an attacker to read encrypted credentials of other users on the switch, potentially leading to further unauthorized acce...

4.3CVSS6.6AI score0.00314EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.5 views

The vulnerability of the JetBrains YouTrack project and task management software interface allows a hacker to obtain the user’s encrypted credentials.

The vulnerability of the JetBrains YouTrack project and task management software interface relates to the disclosure of information through registration files. Exploiting this vulnerability can allow attackers to obtain encrypted user credentials...

5.5CVSS5.5AI score0.00587EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.7 views

The vulnerability of the Yeti threat analysis platform, which relies on the use of strictly encrypted credentials, allows attackers to escalate their privileges.

The vulnerability of the Yeti threat analysis platform is related to the use of strictly encrypted credentials. Exploiting this vulnerability allows a remote attacker to enhance their privileges by using a static JWT token...

10CVSS7.6AI score0.00429EPSS
Exploits3References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/12/23 12:0 a.m.5 views

The vulnerability of the web interface of Draytek Vigor routers, Draytek Vigor access points, Draytek Vigor switches, and the cloud platform Draytek Vigor Myvigor arises from the use of rigidly encrypted credentials. This allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the web interface of Draytek Vigor routers, Draytek Vigor access points, Draytek Vigor switches, and the cloud platform Draytek Vigor Myvigor is related to the use of rigidly encrypted login credentials. Exploiting this vulnerability allows a malicious actor to compromise the...

10CVSS7.7AI score0.00599EPSS
Exploits1References2Affected Software72
BDU FSTEC
BDU FSTEC
added 2024/12/19 12:0 a.m.4 views

The vulnerability of Dell RecoverPoint’s data protection software for virtual machines, related to the use of strictly encrypted credentials, allows attackers to gain unauthorized access to protected information.

The vulnerability of Dell RecoverPoint’s data protection software for virtual machines relates to the use of strictly encrypted authentication credentials. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information remotely...

5.3CVSS5.4AI score0.00402EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.7 views

The vulnerability of the Hyper-converged Infrastructure of Microsoft Azure Stack (HCI), which stems from the use of strictly encrypted credentials, allows attackers to escalate their privileges.

The vulnerability of the Hyper-converged Infrastructure of Microsoft Azure Stack HCI is related to the use of strictly encrypted credentials. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.8CVSS5.5AI score0.0036EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.6 views

The vulnerability of Siemens SINEMA Remote Connect lies in its insufficient limit on authentication attempts, allowing attackers to obtain encrypted user credentials.

The vulnerability of Siemens SINEMA Remote Connect relates to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor to obtain encrypted user credentials remotely...

7.8CVSS7.2AI score0.00445EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.5 views

The vulnerability of the Client Communication component of the Siemens SINEMA Remote Connect server allows a hacker to obtain encrypted user credentials.

The vulnerability of the Client Communication component in the Siemens SINEMA Remote Connect server is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor to obtain encrypted user credentials remotely...

7.8CVSS7.2AI score0.00412EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.53 views

The vulnerability of the /etc/shadow file in microprogramming-based router software like LB-LINK allows a hacker to gain unauthorized access to protected information.

The vulnerability of the /etc/shadow file in microprogramming-based router software like LB-LINK lies in the use of strictly encrypted user credentials. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

10CVSS5.5AI score0.00561EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder