Lucene search
K

323 matches found

RedhatCVE
RedhatCVE
added 2025/05/29 1:50 a.m.22 views

CVE-2025-33079

IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code...

6.5CVSS6.6AI score0.00266EPSS
Exploits0References1
NVD
NVD
added 2025/05/27 2:15 a.m.34 views

CVE-2025-33079

IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code...

6.5CVSS0.00266EPSS
Exploits0References1
OSV
OSV
added 2025/05/27 2:15 a.m.3 views

CVE-2025-33079

IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code...

6.5CVSS5.8AI score0.00266EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/27 1:5 a.m.34 views

CVE-2025-33079 IBM Controller information disclosure

IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code...

6.5CVSS0.00266EPSS
Exploits0References1
CVE
CVE
added 2025/05/27 1:5 a.m.66 views

CVE-2025-33079

Summary of CVE-2025-33079 (IBM Controller information disclosure) Affected products: IBM Controller: version 11.1.0 (and IBM Cognos Controller 11.0.0 – 11.0.1). Root cause / vulnerability: An authenticated user could obtain sensitive credentials that may be inadvertently included within the sourc...

6.5CVSS6.3AI score0.00266EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2025/05/27 1:5 a.m.9 views

CVE-2025-33079 IBM Controller information disclosure

IBM Controller 11.0.0, 11.0.1, and 11.1.0 application could allow an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code...

6.5CVSS6.5AI score0.00266EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/26 6:50 p.m.10 views

Security Bulletin: IBM Controller has addressed a security vulnerability (CVE-2025-33079)

Summary IBM Controller has addressed a security vulnerability that could allow an authenticated user to obtain sensitive credentials. This Security Bulletin relates only to the direct usage of third-party components by IBM Controller and not any nested dependencies within the product. Vulnerabili...

6.5CVSS6.2AI score0.00266EPSS
Exploits0Affected Software2
Positive Technologies
Positive Technologies
added 2025/05/26 12:0 a.m.13 views

PT-2025-22887 · Ibm · Ibm Controller

Name of the Vulnerable Software and Affected Versions: IBM Controller versions 11.0.0 through 11.1.0 Description: The issue allows an authenticated user to obtain sensitive credentials that may be inadvertently included within the source code. Recommendations: For versions 11.0.0 through 11.1.0,...

6.8CVSS5.8AI score0.00266EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 6:44 a.m.9 views

CVE-2024-6749

Seth Fogie, member of the AXIS Camera Station Pro Bug Bounty Program, has found that the Incident report feature may expose sensitive credentials on the AXIS Camera Station windows client. If Incident report is not being used with credentials configured this flaw does not apply. Axis has released...

6.3CVSS6.7AI score0.00142EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:2 a.m.6 views

CVE-2023-27871

IBM Aspera Faspex 4.4.2 could allow a remote attacker to obtain sensitive credential information for an external user, using a specially crafted SQL query. IBM X-Force ID: 249613...

7.5CVSS6.7AI score0.00903EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:36 a.m.8 views

CVE-2023-28514

IBM MQ 8.0, 9.0, and 9.1 could allow a local user to obtain sensitive credential information when a detailed technical error message is returned in a stack trace. IBM X-Force ID: 250398...

6.2CVSS5.7AI score0.00185EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:33 p.m.10 views

CVE-2022-25804

An issue was discovered in the IGEL Universal Management Suite UMS 6.07.100. Insecure permissions for the serverconfig registry key under JavaSoft\Prefs\de\igel\rm\config in HKEYLOCALMACHINE\SOFTWARE allow an unprivileged local attacker to read the encrypted dbuser and dbpassword values for the U...

5.5CVSS6.7AI score0.0028EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:30 p.m.12 views

CVE-2021-21361

The com.bmuschko:gradle-vagrant-plugin Gradle plugin contains an information disclosure vulnerability due to the logging of the system environment variables. When this Gradle plugin is executed in public CI/CD, this can lead to sensitive credentials being exposed to malicious actors. This is fixe...

6.5CVSS6.2AI score0.01176EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:18 a.m.12 views

CVE-2018-10676

CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices allow remote attackers to download a file and obtain sensitive credential information via a direct request for the download.rsp URI...

9.8CVSS6.8AI score0.02078EPSS
Exploits1References1
Redos
Redos
added 2025/04/24 12:0 a.m.66 views

ROS-20250424-05

Vulnerability in the netrc file handler of the cURL command line utility is related to insufficient protection of the of service data. Exploitation of the vulnerability could allow an attacker acting remotely to access credentials with HTTP redirection to another resource. access to credentials...

3.4CVSS7.2AI score0.01378EPSS
Exploits2
NVD
NVD
added 2025/04/20 3:15 a.m.22 views

CVE-2025-43928

In Infodraw Media Relay Service MRS 7.1.0.0, the MRS web server on port 12654 allows reading arbitrary files via ../ directory traversal in the username field. Reading ServerParameters.xml may reveal administrator credentials in cleartext or with MD5 hashing...

9.8CVSS0.00839EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/04/17 11:58 p.m.18 views

CVE-2025-32021

Weblate is a web based localization tool. Prior to version 5.11, when creating a new component from an existing component that has a source code repository URL specified in settings, this URL is included in the client's URL parameters during the creation process. If, for example, the source code...

7.5CVSS7AI score0.00332EPSS
Exploits1References1
CVE
CVE
added 2025/03/28 11:50 p.m.65 views

CVE-2024-7577

IBM InfoSphere Information Server 11.7 is affected by CVE-2024-7577, an information disclosure vulnerability that can expose sensitive user credentials from log files during a fresh installation. The IBM bulletin confirms affected product/version: InfoSphere Information Server 11.7, with remediat...

7.5CVSS6.8AI score0.00285EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/03/28 12:0 a.m.7 views

PT-2025-13597 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue could disclose sensitive user credentials from log files during the new installation of the product. Recommendations: For IBM InfoSphere Information Server version 11.7,...

7.5CVSS4.5AI score0.00285EPSS
Exploits0References8
CNNVD
CNNVD
added 2025/03/28 12:0 a.m.6 views

IBM InfoSphere Information Server 日志信息泄露漏洞

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A security vulnerability exists in IBM InfoSphere Information Server version 11.7, which stems...

7.5CVSS6AI score0.00285EPSS
Exploits0References2
Rows per page
Query Builder