Lucene search
+L

64 matches found

veracode
veracode
added 2024/06/03 7:21 a.m.12 views

Insecure Credential Storage

typo3/cms-core is vulnerable to Insecure Credential Storage. The vulnerability is due to the persistence of database records containing insecure or empty credentials when certain changes are made to user account types in the TYPO3 backend, which allows an attacker to cause insecure or empty...

7AI score
Exploits0
nvd
nvd
added 2024/04/19 2:15 p.m.21 views

CVE-2023-37400

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677...

7.8CVSS7.5AI score0.00151EPSS
Exploits0References2
osv
osv
added 2024/04/19 2:15 p.m.4 views

CVE-2023-37400

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677...

7.8CVSS5.8AI score0.00151EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/04/19 2:2 p.m.13 views

CVE-2023-37400 IBM Aspera Faspex privilege escalation

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677...

7.8CVSS6.5AI score0.00151EPSS
Exploits0References2
cve
cve
added 2024/04/19 2:2 p.m.55 views

CVE-2023-37400

CVE-2023-37400 affects IBM Aspera Faspex 5.0.0–5.0.7; root cause is insecure credential storage that can enable a local user to escalate privileges. IBM PT/IBM bulletin confirms the fix is available in Faspex 5.0.8. Affected products and versions: Aspera Faspex 5.0.0–5.0.7. Remediation: upgrade t...

7.8CVSS6.4AI score0.00151EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2024/04/19 2:2 p.m.24 views

CVE-2023-37400 IBM Aspera Faspex privilege escalation

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677...

7.8CVSS7.5AI score0.00151EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2024/04/19 12:0 a.m.5 views

PT-2024-12612 · Ibm · Ibm Aspera Faspex

Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex versions 5.0.0 through 5.0.7 Description: The issue is related to insecure credential storage, which could allow a local user to escalate their privileges. Recommendations: For IBM Aspera Faspex versions 5.0.0 through 5.0.7,...

7.8CVSS6.9AI score0.00151EPSS
Exploits0References6
ibm
ibm
added 2024/04/18 5:55 p.m.23 views

Security Bulletin: IBM Aspera Faspex is vulnerable to privilege escalation for local users.

Summary IBM Aspera Faspex has addressed a vulnerability due to insecure credential storage CVE-2023-37400 Vulnerability Details CVEID:CVE-2023-37400 DESCRIPTION: IBM Aspera Faspex could allow a local user to escalate their privileges due to insecure credential storage. CVSS Base score: 8.4 CVSS...

7.8CVSS7.5AI score0.00151EPSS
Exploits0Affected Software5
cnnvd
cnnvd
added 2023/10/11 12:0 a.m.9 views

HCL Technologies BigFix Patch Management Security Vulnerability

HCL Technologies BigFix Patch Management is a comprehensive patch management solution from HCL Technologies, Inc. designed to help organizations effectively manage and deploy security and non-security patches for operating systems and applications. HCL Technologies BigFix Patch Management has a...

4.6CVSS6.9AI score0.0015EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2022/12/17 6:44 p.m.6 views

CVE-2022-38659 HCL BigFix Platform is affected by insecure credential storage

In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent...

6CVSS7.6AI score0.00126EPSS
Exploits0References1
packetstorm
packetstorm
added 2022/09/20 12:0 a.m.357 views

Trojan-Dropper.Win32.Corty.10 MVID-2022-0639 Insecure Credential Storage

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/f72138e574743640bdcdb9f102dff0a5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Corty.10 Vulnerability: Insecure Credential Storage Description: The...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2022/08/09 12:0 a.m.325 views

Backdoor.Win32.Guptachar.20 MVID-2022-0631 Insecure Credential Storage

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/857999d2306f257b80d1b8f6a51ae8b0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Guptachar.20 Vulnerability: Insecure Credential Storage Description: The...

7.4AI score
Exploits0
ptsecurity
ptsecurity
added 2022/06/22 12:0 a.m.9 views

PT-2022-3158 · Emerson · Emerson Openbsi

Name of the Vulnerable Software and Affected Versions: Emerson OpenBSI versions prior to 2022-04-29 Description: The issue is related to the insecure storage of confidential information in the SecUsers.ini file, which can be exploited by a remote attacker to gain access to user credentials. The...

7.8CVSS5.7AI score0.00252EPSS
Exploits0References9
packetstorm
packetstorm
added 2022/04/19 12:0 a.m.243 views

Backdoor.Win32.Delf.zn Insecure Credential Storage

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9acdbfc9f7c1f6e589485b30aa91bfd2.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.zn Vulnerability: Insecure Credential Storage Description: The default credentia...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2022/04/07 12:0 a.m.222 views

Backdoor.Win32.Ptakks.XP.a Insecure Credential Storage

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/e087725b01dded75d85a20db58335fa8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Ptakks.XP.a Vulnerability: Insecure Credential Storage Description: The default...

7.4AI score
Exploits0
nvd
nvd
added 2022/03/30 12:15 a.m.28 views

CVE-2022-26948

The Archer RSS feed integration for Archer 6.x through 6.9 SP1 6.9.1.0 is affected by an insecure credential storage vulnerability. A malicious attacker may obtain access to credential information to use it in further attacks...

7.5CVSS0.00563EPSS
Exploits0References2
attackerkb
attackerkb
added 2022/03/30 12:15 a.m.3 views

CVE-2022-26948

The Archer RSS feed integration for Archer 6.x through 6.9 SP1 6.9.1.0 is affected by an insecure credential storage vulnerability. A malicious attacker may obtain access to credential information to use it in further attacks...

7.5CVSS5.9AI score0.00563EPSS
Exploits0References3
prion
prion
added 2022/03/30 12:15 a.m.17 views

Design/Logic Flaw

The Archer RSS feed integration for Archer 6.x through 6.9 SP1 6.9.1.0 is affected by an insecure credential storage vulnerability. A malicious attacker may obtain access to credential information to use it in further attacks...

5CVSS7.4AI score0.00563EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2022/03/29 11:33 p.m.32 views

CVE-2022-26948

The Archer RSS feed integration for Archer 6.x through 6.9 SP1 6.9.1.0 is affected by an insecure credential storage vulnerability. A malicious attacker may obtain access to credential information to use it in further attacks...

5.8CVSS7.6AI score0.00563EPSS
Exploits0References2
cve
cve
added 2022/03/29 11:33 p.m.87 views

CVE-2022-26948

The CVE-2022-26948 entry affects the Archer RSS feed integration in Archer 6.x up to 6.9 SP1 (6.9.1.0). The root cause is insecure credential storage, allowing a malicious actor to access credential information and potentially use it for further attacks. The available documents do not provide spe...

7.5CVSS7.3AI score0.00563EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder