Lucene search
K

124 matches found

EUVD
EUVD
added 2026/06/01 9:37 a.m.14 views

EUVD-2026-33619

The PDBM application relies on a static, hard‑coded secret embedded in the PDBM.exe executable. This secret is used by the application’s encryption routines, including the function responsible for decrypting credentials stored in the product’s configuration file. Because the secret is constant...

6.4CVSS5.8AI score0.00065EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 7 : firefox-60.2.1-1.0.1.el7.AXS7 (AXSA:2018-3344:06)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2018-3344:06 advisory. Mozilla: Crash in TransportSecurityInfo due to cached data CVE-2018-12385 Mozilla: Setting a master password post-Firefox 58 does not delete...

7CVSS7.7AI score0.0046EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

MiracleLinux 4 : firefox-60.9.0-1.0.1.AXS4 (AXSA:2019-4316:05)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4316:05 advisory. Mozilla: Sandbox escape through Firefox Sync CVE-2019-9812 Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9...

9.8CVSS7.3AI score0.0216EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/09 10:44 a.m.5 views

CVE-2022-0183

Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords...

4.6CVSS6.6AI score0.00107EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.5 views

CVE-2020-7909

In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI...

7.5CVSS6.9AI score0.01115EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/24 9:16 p.m.7 views

CVE-2025-34293 GN4 Publishing System Insecure Direct Object Reference (IDOR) Information Disclosure

GN4 Publishing System versions prior to 2.6 contain an insecure direct object reference IDOR vulnerability via the API. Authenticated requests to the API's object endpoints allow an authenticated user to request arbitrary user IDs and receive sensitive account data for those users, including the...

8.6CVSS0.0038EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-15540

Malware in sbrugna...

6.5CVSS6.6AI score0.0064EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-20395

Malware in sbrugna...

4.6CVSS5.7AI score0.00316EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-3403

Malware in sbrugna...

9.8CVSS9.2AI score0.01411EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2009-1702

Malware in sbrugna...

1.2CVSS6.2AI score0.00313EPSS
Exploits2References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2012-4885

Malware in sbrugna...

6.5CVSS6.4AI score0.03453EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-1000025

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNOME Web Epiphany 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager swee...

7.5CVSS7.2AI score0.01385EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/29 12:33 p.m.12 views

CVE-2025-48046 MICI Network Co. Ltd. NetFax Server Disclosure of Stored Passwords in Cleartext

An authenticated user can disclose the cleartext password of a configured SMTP server via an HTTP GET request to the /config.php endpoint...

5.3CVSS7.1AI score0.00479EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:23 a.m.9 views

CVE-2024-34682

Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to access stored WiFi password in Maintenance Mode...

2.4CVSS6.5AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:51 a.m.6 views

CVE-2023-30776

An authenticated user with specific data permissions could access database connections stored passwords by requesting a specific REST API. This issue affects Apache Superset version 1.3.0 up to 2.0.1...

6.5CVSS6.6AI score0.02067EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:35 p.m.8 views

CVE-2020-27902

An authentication issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2. A person with physical access to an iOS device may be able to access stored passwords without authentication...

4.6CVSS5.1AI score0.00316EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 9:22 a.m.11 views

CVE-2019-14929

An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. Stored cleartext passwords could allow an unauthenticated attacker to obtain configured username and password combinations on the RTU due to the weak credentials management ...

9.8CVSS7.4AI score0.01936EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.11 views

Alibaba Cloud Linux 3 : 0072: libreoffice (ALINUX3-SA-2024:0072)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0072 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-26305: An Improper Certificate...

8.8CVSS7.7AI score0.65692EPSS
Exploits2References9
CNNVD
CNNVD
added 2025/04/02 12:0 a.m.4 views

Jenkins plugin monitor-remote-job 访问控制错误漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

5.5CVSS6.5AI score0.00266EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/03/31 12:0 a.m.2 views

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that stems from insufficiently spaced CAPTCHA attempts, which could lead to a malicious application accessing a user's saved...

9.8CVSS6.1AI score0.00587EPSS
Exploits0References3
Rows per page
Query Builder