EUVD-2016-9714

Malware in sbrugna...

EUVD-2019-15208

Malware in sbrugna...

CVE-2025-21003

Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information...

CVE-2023-31001

IBM Security Access Manager Container IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1 temporarily stores sensitive information in files that could be accessed by a local user. IBM X-Force ID: 254653...

CVE-2025-0714 Insecure storage of sensitive information in MobaXTerm <25.0.

The vulnerability exists in the password storage of Mobateks MobaXterm in versions below 25.0. MobaXTerm uses an initialisation vector IV consisting only of zero bytes and a master key to encrypt each password individually. In the default configuration, on opening MobaXTerm, the user is prompted...

CVE-2025-0142 Zoom Jenkins Marketplace plugin - Cleartext Storage of Sensitive Information

Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version 1.4 may allow an authenticated user to conduct a disclosure of information via network access...

Jenkins plugins Multiple Vulnerabilities (2025-01-22)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins OpenId Connect Authentication Plugin 4.452.v2849bd3945fa and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as...

C-MOR Video Surveillance 5.2401 / 6.00PL01 Information Disclosure / Cleartext Secret

Advisory ID: SYSS-2024-028 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: Cleartext Storage of Sensitive Information CWE-312 Risk Level: Medium Solution Status: Open Manufacturer...

CVE-2024-4235

A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartext storage of sensitive information. The attack can be initiated remotely. The exploit has been...

Red Hat OpenShift 安全漏洞

Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that supports building, testing, deploying, and running applications. A security vulnerability exists in Red Hat OpenShift that stems from the use of plain strings to store some sensitive information...

CVE-2023-40715

A cleartext storage of sensitive information vulnerability CWE-312 in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access to the DB contents to retrieve the plaintext password of external servers configured in the device...

CVE-2023-20111

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to the improper storage of sensitive information within the web-based management interface. An...

Design/Logic Flaw

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5UC CPU all versions, Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions, Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU all versions, Mitsubishi Electric MELSEC iQ-R series...

CVE-2021-22030

Greenplum Database prior to 5.28.14 and 6.17.0: statements can cause sensitive credential information to be logged, enabling a user with log access to read credentials. Multiple connected sources (Red Hat, NVD, Veracode, OSV, CVE lists) corroborate this disclosure; no explicit exploit details or ...

Sensitive Cookie Without 'HttpOnly' Flag in yeswiki/yeswiki

Description The software uses a cookie to store sensitive information, but the cookie is not marked with the HttpOnly flag. The HttpOnly flag directs compatible browsers to prevent client-side script from accessing cookies. Including the HttpOnly flag in the Set-Cookie HTTP response header helps...

CVE-2019-15704

A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway...

GE SNMP/Web Interface Vulnerabilities

OVERVIEW Independent researcher Karn Ganeshen has identified two vulnerabilities in the GE SNMP/Web Interface adapter. GE has produced a new firmware version to mitigate the identified vulnerabilities in later model devices. Earlier model SNMP/Web Interface adapters may need to be upgraded to...

Wowza Streaming Engine 4.5.0 Cleartext Sensitive Information Storage

i? Wowza Streaming Engine 4.5.0 Cleartext Storage Of Sensitive Information Vendor: Wowza Media Systems, LLC. Product web page: https://www.wowza.com Affected version: 4.5.0 build 18676 Summary: Wowza Streaming Engine is robust, customizable, and scalable server software that powers reliable video...

Moxa MiiNePort Vulnerabilities

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-145-01 Moxa MiiNePort Vulnerabilities that was published May 24, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Karn Ganeshen has identified weak credential management, sensitive information not...

GE Industrial Solutions UPS SNMP Adapter < 4.8 - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Exploit Title: GE Industrial Solutions - UPS SNMP Adapter Command Injection and Clear-text Storage of Sensitive Information Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: http://www.geindustrial.com/ Versions Reported: All...