Lucene search
+L

70 matches found

osv
osv
added 2022/11/07 1:15 p.m.4 views

CVE-2022-42955

The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext cached credentials...

7.5CVSS5.8AI score0.00356EPSS
Exploits0References2
nvd
nvd
added 2022/11/07 1:15 p.m.23 views

CVE-2022-42955

The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext cached credentials...

7.5CVSS0.00356EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2022/11/07 12:0 a.m.8 views

CVE-2022-42955

The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext cached credentials...

7.5AI score0.00356EPSS
Exploits0References2
cve
cve
added 2022/11/07 12:0 a.m.69 views

CVE-2022-42955

The CVE-2022-42955 entry concerns PassWork extension 5.0.9 for Chrome/other browsers. The vulnerability allows an attacker to obtain cleartext cached credentials due to the underlying issue described in multiple sources. Affected component is the PassWork extension; root cause details are not ful...

7.5CVSS7.4AI score0.00356EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2022/11/07 12:0 a.m.7 views

PassWork 安全漏洞

PassWork is a password manager from PassWork. A security vulnerability exists in PassWork version 5.0.9. An attacker exploited the vulnerability to obtain plaintext cached credentials...

7.5CVSS7.4AI score0.00356EPSS
Exploits0References3
cvelist
cvelist
added 2022/11/07 12:0 a.m.28 views

CVE-2022-42955

The PassWork extension 5.0.9 for Chrome and other browsers allows an attacker to obtain cleartext cached credentials...

7.6AI score0.00356EPSS
Exploits0References2
mskb
mskb
added 2022/09/20 12:0 a.m.7 views

September 20, 2022—KB5017381 (OS Build 20348.1070) Preview

None None...

6.1AI score
Exploits0
thn
thn
added 2021/03/18 10:19 a.m.178 views

Why Cached Credentials Can Cause Account Lockouts and How to Stop it

When a user account becomes locked out, the cause is often attributed to a user who has simply entered an old or incorrect password too many times. However, this is far from being the only thing that can cause an account to become locked. Another common cause, for example, is an application or...

0.2AI score
Exploits0
thn
thn
added 2021/03/18 10:19 a.m.4 views

Why Cached Credentials Can Cause Account Lockouts and How to Stop it

When a user account becomes locked out, the cause is often attributed to a user who has simply entered an old or incorrect password too many times. However, this is far from being the only thing that can cause an account to become locked. Another common cause, for example, is an application or...

5.7AI score
Exploits0
cnnvd
cnnvd
added 2021/01/13 12:0 a.m.8 views

Canonical Ubuntu Remote-login-service Encryption Issue Vulnerability

Canonical Ubuntu is a desktop-oriented GNU/Linux operating system from the British company Canonical. A security vulnerability exists in Canonical Ubuntu's remote-login-service service, which stems from an insecure encryption algorithm used to cache usernames and passwords in crypt.c of...

5.5CVSS6.1AI score0.00187EPSS
Exploits0References2
osv
osv
added 2020/10/27 9:15 p.m.6 views

CVE-2020-27888

An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access...

7.5CVSS7.1AI score0.01003EPSS
Exploits0References1
prion
prion
added 2020/10/27 9:15 p.m.18 views

Design/Logic Flaw

An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access...

5CVSS7.5AI score0.01003EPSS
Exploits0References1Affected Software2
redhat
redhat
added 2020/10/27 12:58 p.m.4 views

foreman: unauthorized cache read on RPM-based installations through local user

A flaw was found in Red Hat Satellite. An attacker could gain access to cache files further allowing access to cached credentials that could help the attacker to gain complete control of the Satellite instance. The highest threat from this vulnerability is to data confidentiality and integrity as...

8.8CVSS7.3AI score0.00315EPSS
Exploits0References4
redhat
redhat
added 2020/09/30 1:13 p.m.3 views

foreman: unauthorized cache read on RPM-based installations through local user

A flaw was found in Red Hat Satellite. An attacker could gain access to cache files further allowing access to cached credentials that could help the attacker to gain complete control of the Satellite instance. The highest threat from this vulnerability is to data confidentiality and integrity as...

8.8CVSS7.3AI score0.00315EPSS
Exploits0References4
redhatcve
redhatcve
added 2020/07/28 1:38 p.m.26 views

CVE-2020-14334

A flaw was found in Red Hat Satellite. An attacker could gain access to cache files further allowing access to cached credentials that could help the attacker to gain complete control of the Satellite instance. The highest threat from this vulnerability is to data confidentiality and integrity as...

4.6CVSS2.7AI score0.00315EPSS
Exploits0References3
osv
osv
added 2020/06/08 4:15 p.m.3 views

CVE-2020-9042

In Couchbase Server 6.0, credentials cached by a browser can be used to perform a CSRF attack if an administrator has used their browser to check the results of a REST API request...

8.8CVSS5.8AI score0.00576EPSS
Exploits0References1
prion
prion
added 2020/06/08 4:15 p.m.17 views

Cross site request forgery (csrf)

In Couchbase Server 6.0, credentials cached by a browser can be used to perform a CSRF attack if an administrator has used their browser to check the results of a REST API request...

6.8CVSS8.6AI score0.00576EPSS
Exploits0References1Affected Software1
ibm
ibm
added 2018/06/15 11:49 p.m.30 views

Security Bulletin: IBM Cognos Analytics is affected by multiple vulnerabilities

Summary This bulletin addresses several security vulnerabilities that are fixed in IBM Cognos Analytics 11.0.8.0 GA as well as 11.0.7.0 and 11.0.6.0 Interim Fixes Vulnerability Details CVEID: CVE-2017-1783 DESCRIPTION: IBM Cognos Analytics could allow a local user to change parameters set from th...

7.8CVSS6.1AI score0.00462EPSS
Exploits0Affected Software1
cnvd
cnvd
added 2018/01/30 12:0 a.m.4 views

IBM Cognos Analytics Information Disclosure Vulnerability

IBM Cognos Analytics formerly known as Cognos BI is a suite of business intelligence software from the American company IBM. The software includes reports, dashboards and scorecards, and can assist companies in adjusting their decisions by analyzing key factors and key stakeholders. An informatio...

7.8CVSS5.9AI score0.0041EPSS
Exploits0References1
prion
prion
added 2018/01/29 4:29 p.m.21 views

Code injection

IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824...

2.1CVSS7.1AI score0.0041EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder