PT-2025-28382 · Unknown · Emergency Sos

Name of the Vulnerable Software and Affected Versions: Emergency SOS versions prior to SMR Jul-2025 Release 1 Description: The issue concerns insecure storage of sensitive information in Emergency SOS, allowing local attackers to access sensitive information. Recommendations: For versions prior t...

McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information

Exploit Title: McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information Date: 24 June 2025 Exploit Author: Keenan Scott Vendor Homepage: hxxps://www.mcafee.com/ Software Download: N/A Unable to find Version: Arguments CmdletBinding param string$DbSource =...

CVE-2024-41290

FlatPress CMS v1.3.1 1.3 was discovered to use insecure methods to store authentication data via the cookie's component...

CVE-2024-21826

in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage...

CVE-2024-33004

SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see the sensitive information through cache and can open the pages causing limited impact on...

CVE-2024-29941

Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT encryption...

CVE-2023-22687

Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate Plugins – Plugin manager and cleanup plugin = 1.9.4.0 versions...

CVE-2023-37400

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677...

CVE-2022-35513

The Blink1Control2 application = 2.2.7 uses weak password encryption and an insecure method of storage...

CVE-2021-25524

Insecure storage of device information in Contacts prior to version 12.7.05.24 allows attacker to get Samsung Account ID...

CVE-2021-25523

Insecure storage of device information in Samsung Dialer prior to version 12.7.05.24 allows attacker to get Samsung Account ID...

CVE-2021-22914

Citrix Cloud Connector before 6.31.0.62192 suffers from insecure storage of sensitive information due to sensitive information being stored in the Citrix Cloud Connector installation log files. Such information could be used by an malicious actor to access a Citrix Cloud environment. This issue...

Exploit for CVE-2024-37010

CVE-2024-37010 Exploit for the CVE-2024-37010: access other u...

The vulnerability of the Linux-PAM authentication module, related to the insecure storage of confidential information, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Linux-PAM authentication module is related to the insecure storage of confidential information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-51775 DESCRIPTION: jose4j is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted p2c value...

The vulnerability of the Factory Default configuration of the Microprogramming Software for Digital Radio Data Transmission Devices Trio Q Data Radio, which allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Factory Default configuration of the Microprogramming Software for Digital Radio Data Transmission Devices from Trio Q Data Radio is related to the insecure storage of confidential information. Exploiting this vulnerability could allow an intruder to gain unauthorized...

CVE-2025-2440

CWE-922: Insecure Storage of Sensitive Information vulnerability exists that could potentially lead to unauthorized access of confidential data when a malicious user, having physical access and advanced information on the file system, sets the radio in factory default mode...

CVE-2025-29809

Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally...

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to circumvent existing security restrictions and expose sensitive information.

The vulnerability of the Kerberos protocol for Windows operating systems is related to the insecure storage of confidential information. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions and expose the protected information...

CVE-2025-2440

CWE-922: Insecure Storage of Sensitive Information vulnerability exists that could potentially lead to unauthorized access of confidential data when a malicious user, having physical access and advanced information on the file system, sets the radio in factory default mode...