CVE-2026-22574

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...

CVE-2026-22574

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...

CVE-2026-22574

CVE-2026-22574 affects Fortinet FortiSOAR PaaS (versions 7.6.0–7.6.4, 7.5.0–7.5.2, 7.4 all, 7.3 all) and FortiSOAR on‑premise (7.6.0–7.6.4, 7.5.0–7.5.2, 7.4 all, 7.3 all). The issue is a vulnerability where passwords are stored in a recoverable format, potentially allowing an authenticated remote...

PT-2026-32667

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...

CVE-2026-26334

Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Veramark.Framework.dll Veramark.Core.Config class. These keys are used to encrypt the password of the service account stored in C:\\VeraSMART Data\\app.settings. An attacker with local access to the...

CVE-2026-26334

Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Veramark.Framework.dll Veramark.Core.Config class. These keys are used to encrypt the password of the service account stored in C:\VeraSMART Data\app.settings. An attacker with local access to the...

CVE-2026-26334

Calero VeraSMART versions prior to 2026 R1 contain hardcoded static AES encryption keys within Veramark.Framework.dll Veramark.Core.Config class. These keys are used to encrypt the password of the service account stored in C:\VeraSMART Data\app.settings. An attacker with local access to the...

EUVD-2016-3953

Malware in sbrugna...

EUVD-2025-29071

Malicious code in bioql PyPI...

CVE-2025-4235 User-ID Credential Agent: Cleartext Exposure of Service Account password

An information exposure vulnerability in the Palo Alto Networks User-ID Credential Agent Windows-based can expose the service account password under specific non-default configurations. This allows an unprivileged Domain User to escalate privileges by exploiting the account’s permissions. The...

CVE-2025-4235

The CVE-2025-4235 entry describes an information-exposure vulnerability in Palo Alto Networks’ User-ID Credential Agent (Windows). Under specific non-default configurations, the service account password can be exposed, enabling an unprivileged Domain User to escalate privileges by abusing the acc...

CVE-2025-4235 User-ID Credential Agent: Cleartext Exposure of Service Account password

An information exposure vulnerability in the Palo Alto Networks User-ID Credential Agent Windows-based can expose the service account password under specific non-default configurations. This allows an unprivileged Domain User to escalate privileges by exploiting the account’s permissions. The...

CVE-2023-32265

A potential security vulnerability has been identified in the Enterprise Server Common Web Administration ESCWA component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to...

CVE-2023-32265

Summary (CVE-2023-32265): The vulnerability affects the Enterprise Server Common Web Administration (ESCWA) component used across Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An authenticated ESCWA user could exploit conditions described in the ...

OSIsoft PI Vision Information Disclosure Vulnerability

OSIsoft PI Vision is a set of commercialized software application platform based on Ckient/Server structure from OSIsoft, supporting data acquisition, analysis and visualization. An information disclosure vulnerability exists in OSIsoft PI Vision, which can be exploited by an attacker to obtain a...

CVE-2016-2880

IBM QRadar 7.2 stores the encryption key used to encrypt the service account password which can be obtained by a local user. IBM Reference : 1997340...

CVE-2016-2880

IBM QRadar 7.2 stores the encryption key used to encrypt the service account password which can be obtained by a local user. IBM Reference : 1997340...

BindView HackerShield 1.0/1.1 - HackerShield AgentAdmin Password

source: https://www.securityfocus.com/bid/628/info The BindView HackerShield product originally Netect's HackerShield creates an NT service account called NetectAgentAdmin$. This account is a member of the local administrators group on an NT host. The service account password is not machine...