114 matches found
PT-2025-48272
Name of the Vulnerable Software and Affected Versions Devolutions Server versions prior to 2025.2.21 Devolutions Server versions prior to 2025.3.9 Description The email service credentials were exposed to users lacking administrative privileges in Devolutions Server. Recommendations Update...
Years of JSONFormatter and CodeBeautify Leaks Expose Thousands of Passwords and API Keys
New research has found that organizations in various sensitive sectors, including governments, telecoms, and critical infrastructure, are pasting passwords and credentials into online tools like JSONformatter and CodeBeautify that are used to format and validate code. Cybersecurity company...
EUVD-2025-18283
Malicious code in bioql PyPI...
EUVD-2025-31636
Malicious code in bioql PyPI...
EUVD-2023-48656
Malicious code in bioql PyPI...
EUVD-2021-31301
Malicious code in bioql PyPI...
EUVD-2025-23188
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-32743
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In...
CVE-2025-50777
The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera version V1.00.02 contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Once accessed, the device exposes critical data including Wi-Fi credentials and ONVIF service...
PT-2025-31430 · Aziot · Aziot 2Mp Full Hd Smart Wi-Fi Cctv Home Security Camera
Name of the Vulnerable Software and Affected Versions: AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera version V1.00.02 Description: The firmware contains an Incorrect Access Control vulnerability that allows local attackers to gain root shell access. Successful exploitation exposes...
CVE-2025-28381
A credential leak in OpenC3 COSMOS before v6.0.2 allows attackers to access service credentials as environment variables stored in all containers...
CVE-2025-28381
A credential leak in OpenC3 COSMOS before v6.0.2 allows attackers to access service credentials as environment variables stored in all containers...
CVE-2025-28381
A credential leak in OpenC3 COSMOS before v6.0.2 allows attackers to access service credentials as environment variables stored in all containers...
CVE-2025-28381
CVE-2025-28381 affects OpenC3 COSMOS prior to v6.0.2, where service credentials are exposed as environment variables stored in all containers. The vulnerability is due to credential leakage in containerized environment variables, enabling attackers to access credentials if they can reach the runt...
CVE-2025-28381
A credential leak in OpenC3 COSMOS before v6.0.2 allows attackers to access service credentials as environment variables stored in all containers...
CVE-2023-28857
Apereo CAS is an open source multilingual single sign-on solution for the web. Apereo CAS can be configured to use authentication based on client X509 certificates. These certificates can be provided via TLS handshake or a special HTTP header, such as “sslclientcert”. When checking the validity o...
CVE-2021-44464
Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software...
FreeBSD : Gitlab -- Vulnerabilities (a435609c-ffd5-11ef-b4e4-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a435609c-ffd5-11ef-b4e4-2cf05da270f3 advisory. Gitlab reports: CVE-2025-25291 and CVE-2025-25292 third party gem ruby-saml CVE-2025-27407 thi...
Percona PMM Server 安全漏洞
Percona PMM Server is an open source database observability, monitoring and management tool for MySQL, PostgreSQL, MongoDB and ProxySQL from Percona. A security vulnerability exists in Percona PMM Server versions prior to 3.0.0-1.ova, which stems from default service account credentials that coul...
CVE-2024-13893
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in versions up to 3.3.0, might share same credentials for telnet service. Hash of the password can be retrieved through physical access to SPI connected memory. For the telnet service to be enabled, the...