CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

Information Exposure

Element Call is vulnerable to Information Exposure. The vulnerability is due to analytics data including full page URLs and URL fragments being sent to a configured PostHog server, which allows an attacker with access to the analytics data to obtain sensitive information such as call encryption...

5.2AI score0.00023EPSS

Exploits0References2Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-7866

Malware in sbrugna...

5CVSS6.4AI score0.00152EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2000-0490

Malware in sbrugna...

5CVSS6.4AI score0.02848EPSS

Exploits0References3

CVE•added 2025/07/03 11:33 a.m.•15 views

CVE-2025-27459

The CVE-2025-27459 entry concerns a VNC application that stores passwords encrypted in the registry using DES. The root cause is the use of DES for password storage, which is considered broken, enabling recovery of original passwords. The available connected sources corroborate that passwords are...

7.5CVSS6.6AI score0.00125EPSS

Exploits0References6Affected Software1

RedhatCVE•added 2025/05/22 11:29 p.m.•2 views

CVE-2022-41400

Sage 300 through 2022 uses a hard-coded 40-byte blowfish key to encrypt and decrypt user passwords and SQL connection strings stored in ISAM database files in the shared data directory. This issue could allow attackers to decrypt user passwords and SQL connection strings...

9.8CVSS9.4AI score0.00344EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:12 p.m.•3 views

CVE-2022-36617

Arq Backup 7.19.5.0 and below stores backup encryption passwords using reversible encryption. This issue allows attackers with administrative privileges to recover cleartext passwords...

4.9CVSS7AI score0.00243EPSS

Exploits0References1

CNNVD•added 2024/04/19 12:0 a.m.•2 views

Broadcom Brocade SANnav 日志信息泄露漏洞

Broadcom Brocade SANnav is a suite of SAN management platforms from Broadcom Corporation USA. A security vulnerability exists in Brocade SANnav versions v2.3.1 and v2.3.0a, which originated from printing the Brocade Fabric OS switch encryption passwords in the support saves of the Brocade SANnav...

8.6CVSS9.3AI score0.00333EPSS

Exploits0References2

Positive Technologies•added 2022/09/09 12:0 a.m.•2 views

PT-2022-23510 · Unknown · Arq Backup

Name of the Vulnerable Software and Affected Versions: Arq Backup versions 7.19.5.0 and below Description: The issue allows attackers with administrative privileges to recover cleartext passwords because Arq Backup stores backup encryption passwords using reversible encryption. Recommendations: F...

4.9CVSS5AI score0.00243EPSS

Exploits0References4

OSV•added 2021/02/05 8:15 p.m.•1 views

CVE-2020-10554

An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored in the database in an obfuscated format, which can be easily reverted. For example, the password AAAAAAAA is stored in the database as MMMMMMMM...

7.5CVSS5.8AI score0.00131EPSS

Exploits0References1

CNNVD•added 2021/02/05 12:0 a.m.•5 views

Psyprax Encryption Problem Vulnerability

A security vulnerability exists in Psyprax beforee 3.2.2, which stems from passwords used to encrypt data being stored in a fuzzy format in a database...

7.5CVSS7.1AI score0.00131EPSS

Exploits0References2

OSV•added 2020/11/19 8:15 p.m.•3 views

DEBIAN-CVE-2020-28924

An issue was discovered in Rclone before 1.53.3. Due to the use of a weak random number generator, the password generator has been producing weak passwords with much less entropy than advertised. The suggested passwords depend deterministically on the time the second rclone was started. This limi...

7.5CVSS7.2AI score0.00352EPSS

Exploits1References1

OSV•added 2020/01/23 5:15 p.m.•2 views

CVE-2019-5593

Improper permission or value checking in the CLI console may allow a non-privileged user to obtain Fortinet FortiOS plaint text private keys of system's builtin local certificates via unsetting the keys encryption password in FortiOS 6.2.0, 6.0.0 to 6.0.6, 5.6.10 and below or for user uploaded...

5.5CVSS6.1AI score0.00034EPSS

Exploits0References1

Prion•added 2014/12/22 7:59 p.m.•16 views

Design/Logic Flaw

The periodic-backup feature in Cisco Identity Services Engine ISE allows remote attackers to discover backup-encryption passwords via a crafted request that triggers inclusion of a password in a reply, aka Bug ID CSCur41673...

5CVSS7.2AI score0.00152EPSS

Exploits0References3

CVE•added 2014/12/22 7:0 p.m.•57 views

CVE-2014-8017

Cisco Identity Services Engine (ISE) periodic-backup password disclosure vulnerability (CVE-2014-8017) arises from improper processing of certain client requests. An unauthenticated, remote attacker can trigger a crafted request that causes the backup password to be included in a reply, enabling ...

5CVSS6.9AI score0.00152EPSS

Exploits0References3Affected Software1

Cvelist•added 2014/12/22 7:0 p.m.•19 views

CVE-2014-8017

6.7AI score0.00152EPSS

Exploits0References3

Prion•added 2014/08/31 10:55 a.m.•12 views

Code injection

A certain Qualcomm Innovation Center QuIC patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum CAF releases of Android 4.1.x through 4.3.x enables debug logging, which allows attackers to obtain sensitive disk-encryption...

5CVSS6.9AI score0.00127EPSS

Exploits0References1Affected Software1