Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

569 matches found

CNNVD
CNNVDadded 2023/01/14 12:0 a.m.34 views

Publify 安全漏洞

Publify is a simple but full-featured web publishing software. A security vulnerability exists in Publify versions prior to 9.2.10 that stems from insecure storage of sensitive information...

6.5CVSS5.2AI score0.00562EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2023/01/14 12:0 a.m.4 views

PT-2023-12937 · Publify · Publify

Name of the Vulnerable Software and Affected Versions: publify/publify versions prior to 9.2.10 Description: The issue concerns insecure storage of sensitive information in the GitHub repository publify/publify. Recommendations: For versions prior to 9.2.10, update to version 9.2.10 or later to...

6.5CVSS4.8AI score0.00562EPSS
Exploits1References11
CVE
CVEadded 2023/01/14 12:0 a.m.67 views

CVE-2022-2815

CVE-2022-2815 affects Publify/publify versions prior to 9.2.10 due to insecure storage of sensitive information in the GitHub repository. The provided sources describe the root cause as insecure storage, implying potential disclosure of sensitive data. Remediation: upgrade to version 9.2.10 or la...

6.5CVSS5.4AI score0.00562EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2023/01/14 12:0 a.m.7 views

CVE-2022-2815 Insecure Storage of Sensitive Information in publify/publify

Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10...

4.6CVSS6.5AI score0.00562EPSS
Exploits1References2
RubySec
RubySecadded 2023/01/14 12:0 a.m.24 views

Publify Core does not strip metadata from images

Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10...

6.5CVSS1.4AI score0.00562EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/12/17 6:44 p.m.21 views

CVE-2022-38659 HCL BigFix Platform is affected by insecure credential storage

In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent...

6CVSS7.8AI score0.00126EPSS
Exploits0References1
Prion
Prionadded 2022/11/10 9:15 p.m.23 views

Design/Logic Flaw

ezplatform-graphql is a GraphQL server implementation for Ibexa DXP and Ibexa Open Source. Versions prior to 2.3.12 and 1.0.13 are subject to Insecure Storage of Sensitive Information. Unauthenticated GraphQL queries for user accounts can expose password hashes of users that have created or...

5CVSS5.3AI score0.01295EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2022/11/10 12:0 a.m.116 views

CVE-2022-41876

CVE-2022-41876 affects ezplatform-graphql (Ibexa DXP and Ibexa Open Source). The vulnerability is caused by insecure storage that allows unauthenticated GraphQL queries to expose user password hashes (typically for admins/editors). Patches exist in Ibexa/DXP versions 2.3.12 and 1.0.13 on the 1.X ...

7.5CVSS5.6AI score0.01295EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2022/11/10 12:0 a.m.40 views

CVE-2022-41876 ezplatform-graphql GraphQL queries can expose password hashes

ezplatform-graphql is a GraphQL server implementation for Ibexa DXP and Ibexa Open Source. Versions prior to 2.3.12 and 1.0.13 are subject to Insecure Storage of Sensitive Information. Unauthenticated GraphQL queries for user accounts can expose password hashes of users that have created or...

7.5CVSS7.8AI score0.01295EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2022/10/17 12:0 a.m.5 views

CVE-2022-3206 Passster < 3.5.5.5.2 - Insecure Storage of Password

The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named "passster" using base64 encoding method which is easy to decode. This puts the password at risk in case the cookies get leaked...

6.8AI score0.00452EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/10/17 12:0 a.m.22 views

CVE-2022-3206 Passster < 3.5.5.5.2 - Insecure Storage of Password

The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named "passster" using base64 encoding method which is easy to decode. This puts the password at risk in case the cookies get leaked...

6AI score0.00452EPSS
Exploits1References1
Patchstack
Patchstackadded 2022/09/21 12:0 a.m.17 views

WordPress Passster plugin <= 3.5.5.5.1 - Insecure Storage of Password vulnerability

Insecure Storage of Password vulnerability discovered by Raad Haddad Cloudyrion GmbH in WordPress Passster plugin versions = 3.5.5.5.1. Solution Update the WordPress Passster – Password Protection plugin to the latest available version at least 3.5.5.5.2...

5.9CVSS1.6AI score0.00452EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKBadded 2022/09/07 2:15 p.m.4 views

CVE-2022-35513

The Blink1Control2 application = 2.2.7 uses weak password encryption and an insecure method of storage...

7.5CVSS7.1AI score0.0414EPSS
Exploits5References4
NVD
NVDadded 2022/09/07 2:15 p.m.32 views

CVE-2022-35513

The Blink1Control2 application = 2.2.7 uses weak password encryption and an insecure method of storage...

7.5CVSS0.0414EPSS
Exploits5References3
OSV
OSVadded 2022/09/07 2:15 p.m.13 views

CVE-2022-35513

The Blink1Control2 application = 2.2.7 uses weak password encryption and an insecure method of storage...

7.5CVSS7.7AI score0.0414EPSS
Exploits5References3
Cvelist
Cvelistadded 2022/09/07 1:54 p.m.41 views

CVE-2022-35513

The Blink1Control2 application = 2.2.7 uses weak password encryption and an insecure method of storage...

7.8AI score0.0414EPSS
Exploits5References3
CVE
CVEadded 2022/09/07 1:54 p.m.69 views

CVE-2022-35513

CVE-2022-35513 affects Blink1Control2

7.5CVSS7.5AI score0.0414EPSS
Exploits5References3Affected Software1
CNNVD
CNNVDadded 2022/09/07 12:0 a.m.2 views

Blink1Control2 加密问题漏洞

Blink1Control2 is a desktop application by Tod Kurt Personal Developer. It is used to control and hook events to blink1. A security vulnerability exists in Blink1Control2 version 2.2.7 and earlier that stems from the use of weak password encryption and insecure storage methods...

7.5CVSS7.2AI score0.0414EPSS
Exploits5References7
Positive Technologies
Positive Technologiesadded 2022/09/07 12:0 a.m.2 views

PT-2022-22877 · Unknown · Blink1Control2

Name of the Vulnerable Software and Affected Versions: Blink1Control2 versions prior to 2.2.9 Description: The issue concerns the use of weak password encryption and an insecure method of storage in the Blink1Control2 application. Recommendations: For versions prior to 2.2.9, update to version...

7.5CVSS7.4AI score0.0414EPSS
Exploits5References13
NVD
NVDadded 2022/08/19 1:15 p.m.9 views

CVE-2022-1021

Insecure Storage of Sensitive Information in GitHub repository chatwoot/chatwoot prior to 2.6.0...

7.6CVSS0.00614EPSS
Exploits1References2
Rows per page
Query Builder