CVE-2025-2440

CVE-2025-2440 affects Schneider Electric Trio Q Licensed Data Radio. Affected: Trio Q radios with insecure storage that can disclose confidential data when a physical attacker sets the radio to factory default mode. Root cause: insecure storage of sensitive information; initialization/default sta...

CVE-2025-2440

CWE-922: Insecure Storage of Sensitive Information vulnerability exists that could potentially lead to unauthorized access of confidential data when a malicious user, having physical access and advanced information on the file system, sets the radio in factory default mode...

Schneider Electric Trio Q Licensed Data Radio 安全漏洞

Schneider Electric Trio Q Licensed Data Radio is a radio from Schneider Electric France. A security vulnerability exists in Schneider Electric Trio Q Licensed Data Radio versions prior to v2.7.2, which stems from insecure storage of sensitive information and could lead to unauthorized access...

CVE-2025-29809

Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally...

CVE-2025-29809

CVE-2025-29809 is a Windows Kerberos security feature bypass vulnerability. The issue involves insecure storage of sensitive information in Kerberos, enabling an attacker with local access and low privileges, and no user interaction, to bypass a security feature. Affected product/area: Windows Ke...

Windows Kerberos Security Feature Bypass Vulnerability

Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally...

PT-2025-15686 · Schneider Electric · Trio Q Data Radio +1

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A security issue exists due to insecure storage of sensitive information, potentially leading to unauthorized access of confidential data. This could happen when a malicious user with physic...

Security Bulletin: IBM Watson Speech Services Cartridge v5.1.1 is vulnerable to multiple Base OS issues

Summary IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues. We have updated the base image used by our Speech Services and the following vulnerabilities have been addressed. Please read the details for remediation below. Vulnerability Details CVEID:CVE-2019-12900...

Mars: debug.log leaked [█████████]

The report identified a security vulnerability in the visitor management system that exposed a debug log file containing personally identifiable information. The log file was publicly accessible without authentication, allowing unauthorized access to sensitive user data. The vulnerability was...

CVE-2025-2489

Insecure information storage vulnerability in NTFS Tools version 3.5.1. Exploitation of this vulnerability could allow an attacker to know the application password, stored in /Users/user/Library/Application Support/ntfs-tool/config.json...

CVE-2025-2489

Insecure information storage vulnerability in NTFS Tools version 3.5.1. Exploitation of this vulnerability could allow an attacker to know the application password, stored in /Users/user/Library/Application Support/ntfs-tool/config.json...

CVE-2025-2489 Insecure storage of sensitive information in NTFS Tool

Insecure information storage vulnerability in NTFS Tools version 3.5.1. Exploitation of this vulnerability could allow an attacker to know the application password, stored in /Users/user/Library/Application Support/ntfs-tool/config.json...

CVE-2025-2489 Insecure storage of sensitive information in NTFS Tool

Insecure information storage vulnerability in NTFS Tools version 3.5.1. Exploitation of this vulnerability could allow an attacker to know the application password, stored in /Users/user/Library/Application Support/ntfs-tool/config.json...

CVE-2025-21098 Liteos-A has an insecure storage of sensitive information vulnerability

in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read bypass permission check...

CVE-2025-21098 Liteos-A has an insecure storage of sensitive information vulnerability

in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through out-of-bounds read bypass permission check...

CVE-2025-24843 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Storage of Sensitive Data in a Mechanism without Access Control

Insecure file retrieval process that facilitates potential for file manipulation to affect product stability and confidentiality, integrity, authenticity, and attestation of stored data...

CVE-2025-22492 Insecure storage of connection strings in FRS

The connection string visible to users with access to FRSCore database on Foreseer Reporting Software FRS VM, this string can be used for gaining administrative access to the 4crXref database. This vulnerability has been resolved in the latest version 1.5.100 of FRS...

CVE-2025-22492

CVE-2025-22492 affects Eaton Foreseer Reporting Software (FRS) – specifically the FRSCore database connection string exposed to users with access to the FRS VM. The root issue is exposure of the FRSCore database connection string, which can enable gain of administrative access to the 4crXref data...

CVE-2025-22492 Insecure storage of connection strings in FRS

The connection string visible to users with access to FRSCore database on Foreseer Reporting Software FRS VM, this string can be used for gaining administrative access to the 4crXref database. This vulnerability has been resolved in the latest version 1.5.100 of FRS...

CVE-2024-9334

Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control vulnerability in E-Kent Pallium Vehicle Tracking allows Authentication Bypass. This issue affects Pallium Vehicle Tracking: before 17.10.2024...