Lucene search
K

26 matches found

OSV
OSV
added 2026/04/09 4:16 p.m.10 views

PYSEC-2026-135

In Ubuntu, Subiquity version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, Subiquity could include certain user credentials, such as the user's plaintext Wi-Fi password, in the attached logs...

8.1CVSS5.8AI score0.00278EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-0457

Malware in sbrugna...

7.8CVSS6.4AI score0.01114EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-20510

Malware in sbrugna...

6.5CVSS6.6AI score0.01742EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-6861

Malware in sbrugna...

4.7CVSS4.9AI score0.00415EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 6:58 a.m.7 views

CVE-2024-40750

Linksys Velop Pro 6E 1.0.8 MX62001.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation...

5.3CVSS7.1AI score0.00104EPSS
Exploits0References1
HackRead
HackRead
added 2025/02/12 10:46 p.m.9 views

Massive 1.17TB Data Leak Exposes Billions of IoT Grow Light Records

Massive 1.17 TB data leak exposes billions of records from a Chinese IoT grow light company. Wi-Fi passwords,…...

7.3AI score
Exploits0
NVD
NVD
added 2024/07/09 8:15 p.m.17 views

CVE-2024-40750

Linksys Velop Pro 6E 1.0.8 MX62001.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation...

5.3CVSS0.00104EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/09 12:0 a.m.29 views

CVE-2024-40750

Linksys Velop Pro 6E 1.0.8 MX62001.0.8.215731 and 7 1.0.10.215314 devices send cleartext Wi-Fi passwords over the public Internet during app-based installation...

0.00104EPSS
Exploits0References2
CVE
CVE
added 2024/07/09 12:0 a.m.64 views

CVE-2024-40750

CVE-2024-40750 concerns Linksys Velop Pro 6E devices (versions 1.0.8 MX6200_1.0.8.215731 and 7 1.0.10.215314). The issue is that during app-based installation, cleartext Wi‑Fi passwords are transmitted over the public Internet. Root cause details are not fully specified in the provided documents,...

5.3CVSS7.3AI score0.00104EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2023/02/14 8:0 a.m.48 views

MITRE: CVE-2019-15126 Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device

An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors related to state transitions in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a...

3.1CVSS6.5AI score0.07709EPSS
Exploits7
Kitploit
Kitploit
added 2021/10/28 11:30 a.m.38 views

DonPAPI - Dumping DPAPI Credz Remotely

Dumping revelant information on compromised targets without AV detection DPAPI dumping Lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials, and retreive them using : User password Domaine DPAPI BackupKey Local machine DPAPI Key protecting TaskScheduled blob...

7.1AI score
Exploits0References7
Cvelist
Cvelist
added 2021/06/11 2:33 p.m.20 views

CVE-2021-25423

Improper log management vulnerability in Watch Active2 PlugIn prior to 2.2.08.21033151 version allows attacker with log permissions to leak Wi-Fi password connected to the user smartphone via log...

5.7AI score0.00241EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2020/10/13 4:36 p.m.43 views

Authentication Bug Opens Android Smart-TV Box to Data Theft

A critical bug in the Hindotech HK1 TV Box would allow root-privilege escalation thanks to improper access control. A successful exploit would allow attackers to steal social-networking account tokens, Wi-Fi passwords, cookies, saved passwords, user-location data, message history, emails, contact...

0.26869EPSS
Exploits0References10
NVD
NVD
added 2019/11/14 5:15 p.m.24 views

CVE-2019-15345

The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.8. This app contains an exported service named...

7.8CVSS7.6AI score0.00332EPSS
Exploits0References1
Prion
Prion
added 2019/11/14 5:15 p.m.10 views

Input validation

The Tecno Camon iClick Android device with a build fingerprint of TECNO/H633/TECNO-IN6:8.1.0/O11019/A-180409V96:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.8. This app contains an exported service named...

7.2CVSS7.5AI score0.00332EPSS
Exploits0References1
Prion
Prion
added 2019/11/14 5:15 p.m.16 views

Input validation

The Tecno Camon iAir 2 Plus Android device with a build fingerprint of TECNO/H622/TECNO-ID3k:8.1.0/O11019/E-180914V83:user/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.0.11. This app contains an exported service...

7.2CVSS7.5AI score0.00332EPSS
Exploits0References1
CVE
CVE
added 2018/12/28 9:0 p.m.40 views

CVE-2018-14979

The CVE-2018-14979 entry concerns ASUS ZenFone 3 Max (ASUS_X008_1) with pre-installed com.asus.loguploader. The issue is an exported service, LogUploaderService, accessible via a specific action, that can write a bugreport (kernel log, logcat, system service states including active notifications)...

4.7CVSS4.6AI score0.00415EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2018/12/24 5:29 p.m.15 views

CVE-2018-18698

An issue was discovered on Xiaomi Mi A1 tissotsprout:8.1.0/OPM1.171019.026/V9.6.4.0.ODHMIFE devices. They store cleartext Wi-Fi passwords in logcat during the process of setting up the phone as a hotspot...

9.8CVSS9.4AI score0.01082EPSS
Exploits0References1
CVE
CVE
added 2018/12/24 5:0 p.m.48 views

CVE-2018-18698

Affected product/variant: Xiaomi Mi A1 (tissot_sprout) running 8.1.0/OPM1.171019.026/V9.6.4.0.ODHMIFE. Vulnerability detail: The device stores cleartext Wi‑Fi passwords in logcat during the process of enabling hotspot, exposing credentials. Impact: Unauthorized disclosure of Wi‑Fi passwords. Root...

9.8CVSS9.3AI score0.01082EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/12/24 5:0 p.m.24 views

CVE-2018-18698

An issue was discovered on Xiaomi Mi A1 tissotsprout:8.1.0/OPM1.171019.026/V9.6.4.0.ODHMIFE devices. They store cleartext Wi-Fi passwords in logcat during the process of setting up the phone as a hotspot...

9.4AI score0.01082EPSS
Exploits0References1
Rows per page
Query Builder