Lucene search
K

569 matches found

CNNVD
CNNVD
added 2026/02/09 12:0 a.m.9 views

Birtech Senseway 安全漏洞

Birtech Senseway is an environmental data monitoring platform developed by the Turkish company Birtech. Versions of Birtech Senseway from 09022026 onward contain security vulnerabilities. These vulnerabilities stem from insecure storage of sensitive information, which may lead to the retrieval of...

6.5CVSS5.8AI score0.00249EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/04 9:38 p.m.4 views

Insecure Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information when sealing/unsealing the “vault” key. An attacker can gain unauthorized access to sensitive configuration data and modify system settings by physically removing the disk, altering files on...

8.8CVSS7.9AI score0.00161EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/04 8:46 p.m.4 views

Insecure Storage of Sensitive Information

Overview Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information due to the /config partition not being protected by measured boot, mutable, and unencrypted. An attacker can gain unauthorized root access by physically removing the disk, modifying the /config...

8.8CVSS8AI score0.0016EPSS
Exploits0References3
Snyk
Snyk
added 2026/01/12 6:7 p.m.4 views

Insecure Storage of Sensitive Information

Overview wlc is an A command-line utility for Weblate, translation tool with tight version control integration Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information via insecure configuration of the key parameter. An attacker can gain unauthorized access to...

5.5CVSS6.6AI score0.00164EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 8:55 a.m.4 views

CVE-2023-40728

A vulnerability has been identified in QMS Automotive All versions V12.39. The QMS.Mobile module of the affected application stores sensitive application data in an external insecure storage. This could allow an attacker to alter content, leading to arbitrary code execution or denial-of-service...

7.8CVSS7.8AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.12 views

CVE-2022-0724

Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3...

9.1CVSS6.6AI score0.01327EPSS
Exploits1References1
NVD
NVD
added 2026/01/05 4:15 p.m.8 views

CVE-2025-67303

An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the application storing its files in an insufficiently protected location that was accessible via the web interface...

7.5CVSS0.01361EPSS
Exploits3References2
OSV
OSV
added 2026/01/05 4:15 p.m.5 views

CVE-2025-67303

An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the application storing its files in an insufficiently protected location that was accessible via the web interface...

7.5CVSS6AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.5 views

PT-2026-1293

Name of the Vulnerable Software and Affected Versions ComfyUI-Manager versions prior to 3.38 Description An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the application storing its files in a...

7.5CVSS7.8AI score0.01361EPSS
Exploits3References18
Cvelist
Cvelist
added 2025/12/19 4:35 p.m.26 views

CVE-2025-65035 GLPI Database Inventory Plugin Vulnerable to Stored Object Injection

pluginsGLPI's Database Inventory Plugin "manages" the Teclib' inventory agents in order to perform an inventory of the databases present on the workstation. Prior to version 1.1.2, in certain conditions database write access must first be obtained through another vulnerability or misconfiguration...

6.4CVSS0.0026EPSS
Exploits0References3
OSV
OSV
added 2025/12/19 4:35 p.m.6 views

CVE-2025-65035 GLPI Database Inventory Plugin Vulnerable to Stored Object Injection

pluginsGLPI's Database Inventory Plugin "manages" the Teclib' inventory agents in order to perform an inventory of the databases present on the workstation. Prior to version 1.1.2, in certain conditions database write access must first be obtained through another vulnerability or misconfiguration...

6.4CVSS6.9AI score0.0026EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/19 12:0 a.m.6 views

Database inventory plugin 代码问题漏洞

Database inventory plugin is an open source database management plugin for GLPI Project Plugins. A code issue vulnerability exists in versions of Database inventory plugin prior to 1.1.2, which stems from insecure storage of user-controlled data and could lead to the instantiation of arbitrary PH...

6.4CVSS7AI score0.0026EPSS
Exploits0References4
Veracode
Veracode
added 2025/12/13 5:26 a.m.4 views

Insecure Storage Of Sensitive Information

Liferay Portal and Liferay DXP are vulnerable to insecure storage of sensitive information. The vulnerability is due to storing password reset tokens in plain text in the database, which allows an attacker with database access to retrieve the token, reset a user’s password, and take over the user...

6.9CVSS5.8AI score0.00228EPSS
Exploits0References4Affected Software2
CVE
CVE
added 2025/12/10 12:0 a.m.9 views

CVE-2025-65832

The CVE describes a memory-handling flaw in the Meatmeet mobile application (notably Meatmeet Pro App version v1.1.2.0 per CNNVD) where sensitive data stored in memory—Wi-Fi credentials transmitted during pairing, JWTs, and other details—can be exposed by a memory dump after logout. An attacker w...

4.6CVSS5.9AI score0.00122EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/12/09 6:30 p.m.6 views

EUVD-2025-201888

Android App "Brother iPrint&Scan" versions 6.13.7 and earlier improperly uses an external cache directory. If exploited, application-specific files may be accessed from other malicious applications...

4.8CVSS6.3AI score0.00111EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/02 7:55 a.m.6 views

CVE-2025-10971 Insecure Storage of Sensitive Information

Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5...

8.8CVSS0.00103EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/02 7:55 a.m.3 views

EUVD-2025-200212

Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5...

8.8CVSS6.4AI score0.00103EPSS
Exploits0References2
CVE
CVE
added 2025/12/02 7:55 a.m.8 views

CVE-2025-10971

CVE-2025-10971 describes an insecure storage of sensitive information in MeetMe on iOS and Android, allowing retrieval of embedded sensitive data. Affected: MeetMe versions up to 2.2.5. The CVSS 4.0 vector indicates a LOCAL attack with HIGH impact to confidentiality, integrity, and a Low impact t...

8.8CVSS6.5AI score0.00103EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/02 7:55 a.m.2 views

CVE-2025-10971 Insecure Storage of Sensitive Information

Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5...

8.8CVSS6.5AI score0.00103EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.4 views

PT-2025-48652

Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5...

8.8CVSS6.9AI score0.00103EPSS
Exploits0References2
Rows per page
Query Builder