9 matches found
GHSA-QPV2-RWC8-C993 Netmaker does not verify JWT signatures for host tokens
Netmaker by Gravitl is an open-source WireGuard-based networking platform for creating and managing virtual overlay networks. The VerifyHostToken function in logic/jwts.go does not validate the JWT signature when verifying host tokens. After calling jwt.ParseWithClaims, the function only checks...
EUVD-2021-9273
Malicious code in bioql PyPI...
CVE-2021-22115
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default value of db logging config field is changed. CAPI database logs service broker password in plain text whenever a job to clean up orphaned items is run by Cloud Controller...
CVE-2024-50688
SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials. The application regardless of the user account and the cloud uses the same MQTT credentials for exchanging the device telemetry...
SUSE CVE-2021-22115
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default value of db logging config field is changed. CAPI database logs service broker password in plain text whenever a job to clean up orphaned items is run by Cloud Controller...
CVE-2023-22597
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. They use an unsecured channel to communicate with the cloud platform by default. An...
CVE-2021-22115
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default value of db logging config field is changed. CAPI database logs service broker password in plain text whenever a job to clean up orphaned items is run by Cloud Controller...
cumin: broker username/password appears in the log file
Cumin in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0 records broker authentication credentials in a log file, which allows local users to bypass authentication and perform unauthorized actions on jobs and message queues via a direct connection to the broker...
cumin: broker username/password appears in the log file
Cumin in Red Hat Enterprise Messaging, Realtime, and Grid MRG 2.0 records broker authentication credentials in a log file, which allows local users to bypass authentication and perform unauthorized actions on jobs and message queues via a direct connection to the broker...