Lucene search
K

569 matches found

CNNVD
CNNVD
added 2025/09/03 12:0 a.m.5 views

SAMSUNG Secure Folder 安全漏洞

SAMSUNG Secure Folder is a privacy protection software from Samsung South Korea. A security vulnerability exists in SAMSUNG Secure Folder Android prior to version 16, which stems from insecure storage of sensitive information and could lead to a local attacker accessing sensitive information...

6.2CVSS6AI score0.0012EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/03 12:0 a.m.8 views

PT-2025-35695

Name of the Vulnerable Software and Affected Versions: Android versions prior to 16 Description: The Secure Folder feature exhibits insecure storage of sensitive information, potentially allowing local attackers to gain unauthorized access to this data. Recommendations: Update to Android version ...

6.2CVSS6.3AI score0.0012EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/29 5:47 a.m.3 views

Multiple vulnerabilities in multiple iND products

Overview Multiple products provided by iND Co.,Ltd contain multiple vulnerabilities listed below. Insecure storage of sensitive information CWE-922 - CVE-2025-53507 OS command injection CWE-78 - CVE-2025-53508 HL330-DLS, HL320-DLS Taizoh Tsukamoto of Mitsui Bussan Secure Directions, Inc. reported...

8.6CVSS7.4AI score0.01293EPSS
Exploits0References7
NVD
NVD
added 2025/08/29 5:15 a.m.3 views

CVE-2025-53507

Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration information, such as admin password, may be disclosed. As for the details of affected product names and versions, refer to the information under Product Status...

7.1CVSS0.00281EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/29 4:13 a.m.6 views

CVE-2025-53507

Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration information, such as admin password, may be disclosed. As for the details of affected product names and versions, refer to the information under Product Status...

7.1CVSS0.00281EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/29 4:13 a.m.1 views

CVE-2025-53507

Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information vulnerability. If exploited, configuration information, such as admin password, may be disclosed. As for the details of affected product names and versions, refer to the information under Product Status...

7.1CVSS6.1AI score0.00281EPSS
Exploits0References2
CVE
CVE
added 2025/08/29 4:13 a.m.15 views

CVE-2025-53507

CVE-2025-53507 affects multiple iND Co.,Ltd products (e.g., HL330-DLS, HL320-DLS, LM-100/LM-200, L2X Assist(-RS-A), F2L Assist(-SS-A/E)) due to insecure storage of sensitive information, mainly configuration data such as admin passwords. Root cause: storing credentials insecurely within affected ...

7.1CVSS6.4AI score0.00281EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/29 12:0 a.m.4 views

PT-2025-35184

Name of the Vulnerable Software and Affected Versions: iND Co.,Ltd products affected versions not specified Description: Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information issue. Exploitation may lead to the disclosure of configuration information, such...

7.1CVSS6.4AI score0.00281EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/29 12:0 a.m.5 views

JVN#50585992: Multiple vulnerabilities in multiple iND products

Multiple products provided by iND Co.,Ltd contain multiple vulnerabilities listed below. Insecure storage of sensitive information CWE-922 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Base Score 7.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Base Score 6.5 CVE-2025-53507 OS...

8.6CVSS7.2AI score0.01293EPSS
Exploits0
CNNVD
CNNVD
added 2025/08/29 12:0 a.m.3 views

iND多款产品 安全漏洞

The iND HL330-DLS and others are an embedded hardware terminal from iND Japan. A security vulnerability exists in several iND products. The vulnerability stems from the insecure storage of sensitive information, which may lead to the disclosure of configuration information. The following products...

7.1CVSS6.5AI score0.00281EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/08/08 12:0 a.m.7 views

The vulnerability of the API interface of the 5G HPE Aruba Networking Private 5G Core platform allows a attacker to disclose protected information.

The vulnerability of the API interface of the 5G HPE Aruba Networking Private 5G Core platform relates to the insecure storage of confidential information. Exploiting this vulnerability could allow a malicious actor to disclose the protected information...

7.7CVSS5.4AI score0.00396EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/29 12:0 a.m.5 views

The vulnerability of the “hg pull” command in the Continuous Integration and Delivery Application Deployment system (CI/CD) of JetBrains TeamCity, which allows a hacker to expose confidential information

The vulnerability of the “hg pull” command in the Continuous Integration and Delivery Application Deployment system CI/CD of JetBrains TeamCity is related to the storage of information in an open manner. Exploiting this vulnerability can allow attackers to expose confidential information...

5.5CVSS5.4AI score0.00249EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/07/21 7:52 a.m.8 views

CVE-2025-4570

An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized actor to obtain a token that could be used to communicate with certain services. Refer to the 'Security Update for for MyASUS' section on the ASUS Security Advisory for more information...

6.9CVSS0.00354EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.1 views

ASUS MyASUS 安全漏洞

ASUS MyASUS is an official ASUS PC application from Asus China Inc. A security vulnerability exists in ASUS MyASUS that stems from insecure storage of sensitive keys, which could lead to unauthorized participants obtaining a token...

6.9CVSS6.5AI score0.00354EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/21 12:0 a.m.3 views

PT-2025-30246 · Asus · Myasus

Name of the Vulnerable Software and Affected Versions: MyASUS affected versions not specified Description: An issue involving insecure storage of sensitive keys was identified in MyASUS. This could potentially allow an unauthorized actor to obtain a token used for communication with certain...

6.9CVSS5.9AI score0.00354EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2025/07/16 12:0 a.m.5 views

The vulnerability of the Apica Loadtest plugin for Jenkins’ automation server, related to the storage of registration data, allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Apica Loadtest plugin for Jenkins-based automation servers lies in the way registration data is stored in an open manner within the config.xml file. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

4.3CVSS5.4AI score0.00263EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/10 11:22 a.m.10 views

CVE-2025-21003

Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information...

5.5CVSS6.5AI score0.00125EPSS
Exploits0References1
Snyk
Snyk
added 2025/07/09 4:47 p.m.4 views

Insecure Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information in the storage of the JWT token in the global configuration file on the controller. An attacker can access sensitive authentication credentials by obtaining access to the controller file system...

6.8CVSS7AI score0.00196EPSS
Exploits0References2
CVE
CVE
added 2025/07/08 10:34 a.m.26 views

CVE-2025-21003

CVE-2025-21003 concerns insecure storage of sensitive information in Samsung’s Emergency SOS prior to SMR Jul-2025 Release 1, allowing a local attacker to access sensitive data. Connected sources confirm the issue affects Emergency SOS and indicate the vulnerability arises from insecure storage, ...

5.5CVSS6.4AI score0.00125EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.2 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Jul-2025 Release 1, which stems from an insecure storage of sensitive...

5.5CVSS5.9AI score0.00125EPSS
Exploits0References1
Rows per page
Query Builder