12 matches found
EUVD-2003-1085
Malware in sbrugna...
CVE-2025-9240
A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file /auth/info. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been released to the public and may be exploited...
CVE-2021-25644
An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect commands to the REST API can result in leaked authentication information being stored in cleartext in the debug.log and info.log files, and is also shown in the UI visible to administrators...
go-retryablehttp: url might write sensitive information to log file
A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information...
UBUNTU-CVE-2021-3573
A use-after-free in function hcisockboundioctl of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hciunregisterdev together with one of the calls hcisockblacklistadd, hcisockblacklistdel, hcigetconninfo,...
IBM Rational License Key Server Administration and Reporting Tool Information Disclosure Vulnerability
IBM Rational License Key Server Administration and Reporting Tool is a license administration and reporting tool. A security vulnerability in IBM Rational License Key Server Administration and Reporting Tool allows remote attackers to exploit the vulnerability to obtain cookie-based authenticatio...
CVE-2001-1532
WebX stores authentication information in the HTTPREFERER variable, which is included in URL links within bulletin board messages posted by users, which could allow remote attackers to hijack user sessions...
CVE-2004-2210
Technical details about CVE-2004-2210 are not publicly available in the provided Connected documents. Monitor for updates from vendors and security advisories.
CVE-2002-0292
The CVE-2002-0292 entry describes a cross-site scripting (XSS) vulnerability in Slash before 2.2.5 (used in Slashcode and related projects). The issue allows remote attackers to steal cookies and authentication information from other users by injecting JavaScript into a URL (potentially via the f...
CVE-2001-0990
Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, stores authentication data in cleartext inside the libvpopmail.a library. This enables local users to recover MySQL credentials by inspecting vpopmail programs linked against the library. Affected component: vpopmail (MySQL module)...
CVE-2001-0496
kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges...
CVE-2001-0496
CVE-2001-0496 affects the kdesu component of kdelibs. Affected software creates world-readable temporary files that contain authentication information, enabling a local attacker to gain privileges on the system. The Mandrake advisory MDKSA-2001:046-3 describes the issue and provides updated packa...