Ubee EVW3226 安全漏洞

The Ubee EVW3226 is a WiFi router from Ubee Corporation of Taiwan, China. A security vulnerability exists in the Ubee EVW3226 version 1.0.20 and earlier, which stems from a configuration backup file being stored in the web root directory and unencrypted, which could lead to the disclosure of...

EUVD-2018-8309

Malware in sbrugna...

EUVD-2025-18176

Malicious code in bioql PyPI...

CVE-2025-48862

Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if available in the backup - is encrypted, while the backup file itself remains unencrypted...

CVE-2025-49200

The created backup files are unencrypted, making the application vulnerable for gathering sensitive information by downloading and decompressing the backup files...

CVE-2025-49200

The created backup files are unencrypted, making the application vulnerable for gathering sensitive information by downloading and decompressing the backup files...

CVE-2025-49200 Unencrypted backup contains sensitive information

The created backup files are unencrypted, making the application vulnerable for gathering sensitive information by downloading and decompressing the backup files...

CVE-2025-49200

CVE-2025-49200 describes unencrypted backup files that can lead to disclosure of sensitive information when a backup is downloaded and decompressed. The linked sources reference SICK Field Analytics and SICK Media Server in relation to vulnerable backups, with no explicit product version or compo...

PT-2025-25326

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description The issue allows for the gathering of sensitive information by downloading and decompressing unencrypted backup files created by the application. Recommendations At the moment, there is no...

CVE-2018-16498

In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components such as SNMP, and SSL and Trust keystores...

CVE-2021-35526

Backup file without encryption vulnerability is found in Hitachi ABB Power Grids System Data Manager – SDM600 allows attacker to gain access to sensitive information. This issue affects: Hitachi ABB Power Grids System Data Manager – SDM600 1.2 versions prior to FP2 HF6 Build Nr. 1.2.14002.257...

PT-2021-20952 · Hitachi Abb Power Grids · Hitachi Abb Power Grids System Data Manager – Sdm600

Name of the Vulnerable Software and Affected Versions: Hitachi ABB Power Grids System Data Manager – SDM600 versions prior to 1.2 FP2 HF6 Build Nr. 1.2.14002.257 Description: A backup file without encryption vulnerability is found in Hitachi ABB Power Grids System Data Manager – SDM600, allowing ...

CVE-2018-16498

In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components such as SNMP, and SSL and Trust keystores...

Code injection

In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components such as SNMP, and SSL and Trust keystores...

CVE-2018-16498

CVE-2018-16498 affects Versa Director where unencrypted backup files stored on the Versa deployment include credentials inside configuration files for components such as SNMP and SSL/Trust keystores. The root cause is plaintext credentials in backups, enabling potential exposure if backups are ac...

Versa Networks Versa Director 安全漏洞

Versa Networks Versa Director is a virtualization and service creation platform from Versa Networks, USA. It simplifies the creation, automation and delivery of services using Versa FlexVNF. A security vulnerability exists in Versa Director that stems from an unencrypted backup file containing...

CVE-2020-15851

Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. It is also possible to create or delete backup repositories...

CVE-2020-15851

Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. It is also possible to create or delete backup repositories...

Joomla Resources Directory (JRD) Portal Suffers Data Breach

Joomla, one of the most popular Open-source content management systems CMS, last week announced a new data breach impacting 2,700 users who have an account with its resources directory JRD website, i.e., resources.joomla.org. The breach exposed affected users' personal information, such as full...

Design/Logic Flaw

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "MobileBackup" component. It allows remote attackers to obtain sensitive cleartext information in opportunistic circumstances by leveraging read access to a backup archive that was supposed to hav...