23 matches found
EUVD-2006-0154
Malware in sbrugna...
EUVD-2019-5595
Malware in sbrugna...
EUVD-2009-0620
Malware in sbrugna...
EUVD-2022-3122
Malicious code in bioql PyPI...
CVE-2025-34210
The CVE concerns Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SAAS deployments). The connected sources confirm that sensitive credentials (database passwords, MySQL root password, SaaS keys, Portainer admin password, etc.) are stored in cleartext files that are ...
CVE-2025-34205
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 VA and SaaS deployments contains dangerous PHP dead code present in multiple Docker-hosted PHP instances. A script named /var/www/app/resetroot.php found in several containers...
CVE-2025-34205
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 VA and SaaS deployments contains dangerous PHP dead code present in multiple Docker-hosted PHP instances. A script named /var/www/app/resetroot.php found in several containers...
CVE-2025-34205 Vasion Print (formerly PrinterLogic) Dangerous PHP Dead Code Enables RCE
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 VA and SaaS deployments contains dangerous PHP dead code present in multiple Docker-hosted PHP instances. A script named /var/www/app/resetroot.php found in several containers...
CVE-2019-14389
cPanel before 82.0.2 allows local users to discover the MySQL root password SEC-510...
CVE-2009-0617
Cisco Application Networking Manager ANM before 2.0 uses a default MySQL root password, which makes it easier for remote attackers to execute arbitrary operating-system commands or change system files...
CVE-2019-14389
cPanel before 82.0.2 allows local users to discover the MySQL root password SEC-510...
Default credentials
cPanel before 82.0.2 allows local users to discover the MySQL root password SEC-510...
CVE-2019-14389
CVE-2019-14389 affects cPanel prior to 82.0.2 . The vulnerability allows local users to obtain the MySQL root password, i.e., an information disclosure (SEC-510). Reported details from multiple sources indicate the root cause is in cPanel versions before 82.0.2, with the impact described as discl...
CVE-2018-14703
Incorrect access control in the /mysql/api/droboapp/data endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to retrieve the MySQL database root password...
CVE-2018-14703
Incorrect access control in the /mysql/api/droboapp/data endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to retrieve the MySQL database root password...
CVE-2018-14703
CVE-2018-14703 affects Drobo 5N2 NAS (version 4.0.5-13.28.96115). The issue is improper access control on the /mysql/api/droboapp/data endpoint, enabling unauthenticated attackers to retrieve the MySQL root password. The NVD entry notes a high-impact condition (CVE-3.0 vector: network, no auth, h...
Race condition
Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed...
CVE-2014-4995
Vulnerability CVE-2014-4995 affects the VladTheEnterprising Ruby gem (version ~0.2); a race condition in lib/vlad/dba/mysql.rb allows local users to obtain the MySQL root password from a temporary file before it is removed. Related advisories describe insecure temporary file handling and potentia...
Hardcoded credentials
Open Dental 16.1 and earlier has a hardcoded MySQL root password, which allows remote attackers to obtain administrative access by leveraging access to intranet TCP port 3306. NOTE: the vendor disputes this issue, stating that the "vulnerability note ... is factually false ... there is indeed a...
VladTheEnterprising Gem for Ruby /tmp/my.cnf.#{target_host} Symlink Multiple Impact
VladTheEnterprising Gem for Ruby contains a flaw as the program creates temporary files insecurely. It is possible for a local attacker to use a symlink attack against the /tmp/my.cnf.targethost file they can overwrite arbitrary files, gain access to the MySQL root password, or inject arbitrary...