Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Github Security Blog
Github Security Blogadded 2026/03/03 9:50 p.m.7 views

OpenClaw Loopback CDP probe can leak Gateway token to local listener

Summary A local process can capture the OpenClaw Gateway auth token from Chrome CDP probe traffic on loopback. Details Affected versions inject x-openclaw-relay-token for loopback CDP URLs, and CDP reachability probes send that header to /json/version. If an attacker controls the probed loopback...

6.8CVSS6AI score0.00126EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2025/12/24 7:27 p.m.8 views

CVE-2018-25130

Beward Intercom 2.3.1 contains a local credential-disclosure vulnerability: usernames and passwords stored in plaintext in BEWARD.INTERCOM.FDB can be read by a local attacker, enabling unauthorized access to IP cameras and door stations. Root cause: credentials stored in an unencrypted database f...

6.8CVSS6AI score0.00129EPSS
Exploits1References3
OSV
OSVadded 2025/09/04 6:15 p.m.3 views

CVE-2025-26437

In CredentialManagerServiceStub of CredentialManagerService.java, there is a possible way to retrieve candidate credentials due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

5.5CVSS5.9AI score0.00074EPSS
Exploits0References2
Packet Storm
Packet Stormadded 2019/02/10 12:0 a.m.35 views

Avast Anti-Virus Local Credential Disclosure

Exploit Title: Avast Anti-Virus Local Credentials Disclosure 19.1.2360 Date: 01/18/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Version: before 19.1.2360 build 19.1.4142.0 Tested on: Windows 10 x64 CVE: CVE-2018-12572 Based on LiquidWorm's and Yakir Wizman's proof of concepts...

7.7AI score0.00314EPSS
Exploits5
CNVD
CNVDadded 2015/05/04 12:0 a.m.2 views

FrontRange Desktop & Server Management (DSM) Profile Store Local Encryption Credentials Disclosure Vulnerability

FrontRange Desktop & Server Management is a desktop and service management application. FrontRange Desktop & Server Management insecurely stores encrypted passwords in the NiCfgLcl.ncp and NiCfgSrv.ncp configuration files, allowing a local attacker to exploit vulnerabilities to obtain sensitive...

6.6AI score
Exploits0References1
CNVD
CNVDadded 2015/03/25 12:0 a.m.1 views

Webroot Spy Sweeper Enterprise Information Disclosure Vulnerability

Webroot Spy Sweeper is a suite of anti-spyware software from the US company Webroot. Spy Sweeper Enterprise is an enterprise version of Spy Sweeper, which provides real-time, comprehensive protection against spyware for browsing the Web, reading e-mail, downloading and installing software, and...

6.5AI score
Exploits0References1
Rows per page
Query Builder