EUVD-2022-30251
Malicious code in bioql PyPI...
EUVD-2023-51820
Malicious code in bioql PyPI...
EUVD-2023-54749
Malicious code in bioql PyPI...
Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : Request Tracker vulnerabilities (USN-7692-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7692-1 advisory. It was discovered that Request Tracker was susceptible to timing attacks. An attacker could possibly use this issue to access sensiti...
USN-7692-1 request-tracker5 vulnerabilities
It was discovered that Request Tracker was susceptible to timing attacks. An attacker could possibly use this issue to access sensitive information. This issue only affected Ubuntu 22.04 LTS. CVE-2021-38562 It was discovered that Request Tracker was susceptible to cross-site scripting attacks whe...
CVE-2025-1348
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy...
CVE-2025-1348 IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy...
CVE-2025-1348
CVE-2025-1348 affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (versions 6.0.0.0–6.1.2.6 and 6.2.0.0–6.2.0.4). The root cause is an improper cache policy that allows a local user to obtain sensitive information from a user’s browser cache. IBM’s advisory lists the CVSSv3.1 base s...
CVE-2024-25142
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache...
CVE-2023-47722
IBM API Connect V10.0.5.3 and V10.0.6.0 stores user credentials in browser cache which can be read by a local user. IBM X-Force ID: 271912...
CVE-2021-23972
One phishing tactic on the web is to provide a link with HTTP Auth. For example 'https://www.phishingtarget.com@evil.com'. To mitigate this type of attack, Firefox will display a warning dialog; however, this warning dialog would not have been displayed if evil.com used a redirect that was cached...
CVE-2021-32004
This issue affects: Secomea GateManager All versions prior to 9.6. Improper Check of host header in web server of Secomea GateManager allows attacker to cause browser cache poisoning...
CVE-2013-4959
Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the "no-cache" setting, which might allow local users to obtain sensitive information such as (1) host name, (2) MAC address, and (3) SSH keys via the web browser cache...
PT-2025-15985 · Ibm · Ibm Sterling Control Center
Name of the Vulnerable Software and Affected Versions: IBM Sterling Control Center versions 6.2.1 through 6.4.0 Description: The issue allows web pages to be stored locally, which can then be read by another user on the system, potentially exposing sensitive information. Recommendations: For...
Advanced Browser Data Extraction for Chromium and Gecko Browsers
This post-exploitation module extracts sensitive browser data from both Chromium-based and Gecko-based browsers on the target system. It supports the decryption of passwords and cookies using Windows Data Protection API (DPAPI) and can extract additional data such as browsing history, keyword searc...
CVE-2024-45314 Flask-AppBuilder login form allows browser to cache sensitive fields
Flask-AppBuilder is an application development framework. Prior to version 4.5.1, the auth DB login form's default cache directives allow the browser to locally store sensitive data. This can be an issue in environments using shared computer resources. Version 4.5.1 contains a patch for this issue. If...
CVE-2024-30130 HCL Nomad server on Domino is affected by a use of web browser cache containing sensitive information vulnerability
HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information...
FreeBSD : Request Tracker -- information exposure vulnerability (51498ee4-39a1-11ef-b609-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 51498ee4-39a1-11ef-b609-002590c1f29c advisory. Request Tracker reports: CVE-2024-3262 describes previously viewed pages being stored in the browser...
BIT-AIRFLOW-2024-25142 Apache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could result in potentially storing sensitive data in local cache of the browser. This issue affects Apache...