CVE-2023-31462

An issue was discovered in SteelSeries GG 36.0.0. An attacker can change values in an unencrypted database that is writable for all users on the computer, in order to trigger code execution with higher privileges...

CVE-2023-31462

An issue was discovered in SteelSeries GG 36.0.0. An attacker can change values in an unencrypted database that is writable for all users on the computer, in order to trigger code execution with higher privileges...

SUSE CVE-2013-1853

Almanah Diary 0.9.0 and 0.10.0 does not encrypt the database when closed, which allows local users to obtain sensitive information by reading the database...

Devolutions Remote Desktop Manager 安全漏洞

Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2022.3.7 and prior versions, which stems from Dashlane passwords and Keepass Server...

CVE-2020-12032

Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive information in an unencrypted database. This could allow an attacker with network access to view or modify sensitive data including PHI...

CVE-2020-12032

Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive information in an unencrypted database. This could allow an attacker with network access to view or modify sensitive data including PHI...

CVE-2020-12032

CVE-2020-12032 concerns Baxter ExactaMix EM 2400 (versions 1.10–1.11 and 1.13–1.14 per ICS update) and ExactaMix EM1200 (versions 1.1–1.2, 1.4–1.5 per ICS advisory) where device data is stored in an unencrypted database, enabling a network-attacker to view or modify sensitive data including PHI. ...

CVE-2019-0348

SAP BusinessObjects Business Intelligence Platform Web Intelligence, versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted...

MakeMyTrip 7.2.4 - Information Disclosure Vulnerability

Exploit for Android platform in category local exploits Exploit Title: Android Application MakeMyTrip 7.2.4 - Unencrypted Database Files Software Link: MakeMyTrip v7.2.4 Android Application Exploit Author: Divya Jain Version: 7.2.4 Android App CVE: CVE-2018-11242 Category: Mobileapps Tested on:...

MakeMyTrip application for Android information disclosure vulnerability

MakeMyTrip application for Android is an Android based application for booking tickets, hotels and cabs. A security vulnerability exists in version 7.2.4 of the MakeMyTrip application for Android-based platforms, which stems from the program's failure to encrypt a locally stored database. An...

MakeMyTrip 7.2.4 - Information Disclosure

Exploit Title: Android Application MakeMyTrip 7.2.4 - Unencrypted Database Files Date: 2018-05-21 Software Link: MakeMyTrip v7.2.4 Android Application Exploit Author: Divya Jain Version: 7.2.4 Android App CVE: CVE-2018-11242 Category: Mobileapps Tested on: Android v5.1 1. Description Android...

Subaru car software vulnerability analysis—never a failure of token-vulnerability warning-the black bar safety net

Not long ago, one from California car, information security researcher Aaron Guzman, in Australia, held a computer security conference to introduce a black into the Subaru car of the method. In his own 2017 Subaru WRX STI was found in a surprising number of software vulnerabilities, through these...

DEBIAN-CVE-2013-1853

Almanah Diary 0.9.0 and 0.10.0 does not encrypt the database when closed, which allows local users to obtain sensitive information by reading the database...

CVE-2013-1853

Almanah Diary 0.9.0 and 0.10.0 does not encrypt the database when closed, which allows local users to obtain sensitive information by reading the database...

26 Million Veterans data breached by eight state sponsored organizations

Since 2010, foreign state sponsored organizations have repeatedly compromised an unencrypted database maintained by the Veterans Affairs Department that contains personally identifiable information on roughly 26 million veterans. Including at least eight foreign-sponsored organizations, mostly...

CVE-2006-7163

DreameeSoft Password Master 1.0 stores the database in an unencrypted format when the master password is set, which allows attackers with physical access to read the database contents via an unspecified authentication bypass. NOTE: the provenance of this information is unknown; the details are...

CVE-2006-7163

CVE-2006-7163 affects DreameeSoft Password Master 1.0; the password database is stored unencrypted when the master password is set, allowing someone with physical access to read the contents via an unspecified authentication bypass. This is described across connected sources; no remediation or fi...

Web Wiz Site News realease v3.06 administration access.

Date: 14.04.2003 Subject: Web Wiz Site News realease v3.06 administration access. Description: Free asp news management system. Includes, simple intergration, short news item with link to full story, insert images, links, text formatting, user commentsoptional with email notification, anti-spam...