Lucene search
K

377 matches found

Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.6 views

PT-2019-11379 · Jenkins · Jenkins Upload To Pgyer Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Upload to pgyer Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner in job config.xml files on the Jenkins master. These credentials can be accessed by users who...

6.5CVSS6.3AI score0.01226EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.3 views

PT-2019-11350 · Jenkins · Jenkins Official Owasp Zap Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Official OWASP ZAP Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file of the Jenkins Official OWASP ZAP Plugin. Specifically,...

8.8CVSS8.4AI score0.01365EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.4 views

PT-2019-11699 · Jenkins · Jenkins Sametime Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Sametime Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specifically, the credential...

8.8CVSS8.5AI score0.01773EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.7 views

PT-2019-11353 · Jenkins · Jenkins Amazon Sns Build Notifier Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Amazon SNS Build Notifier Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specificall...

8.8CVSS8.5AI score0.01365EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.4 views

PT-2019-11354 · Jenkins · Jenkins Aws-Device-Farm Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins aws-device-farm Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file of the Jenkins aws-device-farm Plugin. Specifically,...

8.8CVSS8.4AI score0.01365EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.4 views

PT-2019-11361 · Jenkins · Jenkins Octopusdeploy Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins OctopusDeploy Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specifically, the...

8.8CVSS8.5AI score0.01365EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.7 views

PT-2019-11352 · Jenkins · Jenkins Aws Cloudwatch Logs Publisher Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins AWS CloudWatch Logs Publisher Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller...

8.8CVSS8.5AI score0.01365EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2019/04/04 12:0 a.m.4 views

PT-2019-11364 · Jenkins · Jenkins Hyper.Sh Commons Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Hyper.sh Commons Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specifically,...

8.8CVSS8.5AI score0.01365EPSS
Exploits0References6
Prion
Prion
added 2018/07/03 2:29 p.m.18 views

Design/Logic Flaw

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords...

4.3CVSS6.2AI score0.01023EPSS
Exploits0References2
NVD
NVD
added 2018/07/03 2:29 p.m.24 views

CVE-2018-4855

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords...

6.5CVSS6.3AI score0.01023EPSS
Exploits0References2
CVE
CVE
added 2018/07/03 2:0 p.m.48 views

CVE-2018-4855

CVE-2018-4855 affects Siemens SICLOCK TC100/TC400 (All versions). Root cause is unencrypted storage of passwords in client configuration files and during network transmission, enabling an attacker in a privileged position to obtain device access passwords. Public details describe an information d...

6.5CVSS6.2AI score0.01023EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/07/03 2:0 p.m.16 views

CVE-2018-4855

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords...

6.3AI score0.01023EPSS
Exploits0References2
Veracode
Veracode
added 2018/01/29 12:18 a.m.25 views

Unencrypted Password Store

build-publisher stores passwords unencrypted. Anyone with access to the local file system can access credentials to other Jenkins systems. The credentials are also transmitted in plaintext which exposes them to various other attacks...

7.8CVSS7.3AI score0.00382EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/09/28 12:0 a.m.4 views

The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of protection for email account credentials, allowing attackers to access confidential information.

The vulnerability of Advantech WebAccess remote monitoring software lies in the lack of protection for email account credentials stored in unencrypted form. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information...

5CVSS6.4AI score0.01765EPSS
Exploits0References5Affected Software1
Atlassian
Atlassian
added 2014/10/14 5:42 p.m.16 views

Adding Subscription Cal by URL stores user password unencrypted

panel:bgColor=e7f4fa NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report|http://jira.atlassian.com/browse/CONFSERVER-48402. panel I discovered that calendar subscriptions not only store user credentials, but do so unencrypted!!! There is really...

1.2AI score
Exploits0Affected Software1
Packet Storm
Packet Storm
added 2005/04/18 12:0 a.m.20 views

firefly_pass_recovery.txt

--------------------- Application: --------------------- FireFly 1.0 --------------------- Introduction: --------------------- Vendor: NetCruiser Software www.netcruiser-software.com Vendor Description: Firefly is a Windows application that allows you to share files with other users. Firefly uses...

7.4AI score
Exploits0
CERT
CERT
added 2002/08/07 12:0 a.m.36 views

Nevrona Designs MiraMail stores all configuration and user account information in unencrypted text file

Overview Some versions of MiraMail store username and passwords in a text file without using encryption. Description MiraMail is a news server for Windows-based hosts. Versions of MiraMail up to and including 1.04 store MiraMail user data, including usernames and passwords, in unencrypted plainte...

2.1CVSS6AI score0.00424EPSS
Exploits0References2
Rows per page
Query Builder