569 matches found
Birtech Senseway 安全漏洞
Birtech Senseway is an environmental data monitoring platform developed by the Turkish company Birtech. Versions of Birtech Senseway from 09022026 onward contain security vulnerabilities. These vulnerabilities stem from insecure storage of sensitive information, which may lead to the retrieval of...
Insecure Storage of Sensitive Information
Overview Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information when sealing/unsealing the “vault” key. An attacker can gain unauthorized access to sensitive configuration data and modify system settings by physically removing the disk, altering files on...
Insecure Storage of Sensitive Information
Overview Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information due to the /config partition not being protected by measured boot, mutable, and unencrypted. An attacker can gain unauthorized root access by physically removing the disk, modifying the /config...
Insecure Storage of Sensitive Information
Overview wlc is an A command-line utility for Weblate, translation tool with tight version control integration Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information via insecure configuration of the key parameter. An attacker can gain unauthorized access to...
CVE-2023-40728
A vulnerability has been identified in QMS Automotive All versions V12.39. The QMS.Mobile module of the affected application stores sensitive application data in an external insecure storage. This could allow an attacker to alter content, leading to arbitrary code execution or denial-of-service...
CVE-2022-0724
Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3...
CVE-2025-67303
An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the application storing its files in an insufficiently protected location that was accessible via the web interface...
CVE-2025-67303
An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the application storing its files in an insufficiently protected location that was accessible via the web interface...
PT-2026-1293
Name of the Vulnerable Software and Affected Versions ComfyUI-Manager versions prior to 3.38 Description An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the application storing its files in a...
CVE-2025-65035 GLPI Database Inventory Plugin Vulnerable to Stored Object Injection
pluginsGLPI's Database Inventory Plugin "manages" the Teclib' inventory agents in order to perform an inventory of the databases present on the workstation. Prior to version 1.1.2, in certain conditions database write access must first be obtained through another vulnerability or misconfiguration...
CVE-2025-65035 GLPI Database Inventory Plugin Vulnerable to Stored Object Injection
pluginsGLPI's Database Inventory Plugin "manages" the Teclib' inventory agents in order to perform an inventory of the databases present on the workstation. Prior to version 1.1.2, in certain conditions database write access must first be obtained through another vulnerability or misconfiguration...
Database inventory plugin 代码问题漏洞
Database inventory plugin is an open source database management plugin for GLPI Project Plugins. A code issue vulnerability exists in versions of Database inventory plugin prior to 1.1.2, which stems from insecure storage of user-controlled data and could lead to the instantiation of arbitrary PH...
Insecure Storage Of Sensitive Information
Liferay Portal and Liferay DXP are vulnerable to insecure storage of sensitive information. The vulnerability is due to storing password reset tokens in plain text in the database, which allows an attacker with database access to retrieve the token, reset a user’s password, and take over the user...
CVE-2025-65832
The CVE describes a memory-handling flaw in the Meatmeet mobile application (notably Meatmeet Pro App version v1.1.2.0 per CNNVD) where sensitive data stored in memory—Wi-Fi credentials transmitted during pairing, JWTs, and other details—can be exposed by a memory dump after logout. An attacker w...
EUVD-2025-201888
Android App "Brother iPrint&Scan" versions 6.13.7 and earlier improperly uses an external cache directory. If exploited, application-specific files may be accessed from other malicious applications...
CVE-2025-10971 Insecure Storage of Sensitive Information
Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5...
EUVD-2025-200212
Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5...
CVE-2025-10971
CVE-2025-10971 describes an insecure storage of sensitive information in MeetMe on iOS and Android, allowing retrieval of embedded sensitive data. Affected: MeetMe versions up to 2.2.5. The CVSS 4.0 vector indicates a LOCAL attack with HIGH impact to confidentiality, integrity, and a Low impact t...
CVE-2025-10971 Insecure Storage of Sensitive Information
Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5...
PT-2025-48652
Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5...